Let's Encrypt: Sentora Login

Process done as ROOT user.

NOTICE: For CentOS servers replace apt-get with yum and replace apache2 with httpd

Installing git & Let’s Encrypt
Let’s Encrypt is a new Certificate Authority:
It’s free, automated, and open.

Check to make sure mod_ssl is installed:
On Sentora Panel go to Admin -> PHPinfo -> View Full PHP Configuration -> Search for mod_ssl
If not, install it:
NOTICE: For CentOS replace apt-get with yum

Code:
apt-get install mod_ssl


Check to make sure openssl is installed:  (openssl does not mandate the install of mod_ssl in CentOS 6.x)
On Sentora Panel go to Admin -> PHPinfo -> View Full PHP Configuration -> Search for openssl
If not, install it:
NOTICE: For CentOS replace apt-get with yum

Code:
apt-get install openssl


REQUIRED for CentOS: Edit /etc/httpd/conf.d/ssl.conf and change Listen 443 to #Listen 443

Next, install git and Let's Encrypt:[/b]
NOTICE: For CentOS replace apt-get with yum

Code:
apt-get install git
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto --help


Creating a Certificate for your domain
You need to turn off apache before creating a certificate or you will get something like
 

Quote:The program httpd (process ID XXXX) is already listening on TCP port 80. This will prevent us from binding to that port. Please stop the httpd program temporarily and then try again.


REMINDER: Replace panel.example.com by your Sentora login URL.
NOTICE: For CentOS replace apache2 with httpd

Code:
service apache2 stop
./letsencrypt-auto certonly --standalone -d panel.domain.com
service apache2 start


Changing Sentora port:
On Sentora Panel go to Admin -> Sentora Config -> Sentora Apache Port change to 443 and Save.

Adding a Custom Entry to the Sentora Virtual Host
On Sentora Panel go to Admin -> Module Admin -> Apache Config > Global Sentora Entry

Don't forget to replace panel.example.com with your panel's login URL below: (Apache 2.4+)

Code:
SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCertificateFile /etc/letsencrypt/live/panel.domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/panel.domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/panel.domain.com/chain.pem
# Keeping bellow for future upgrades.
# Requires Apache >= 2.4
SSLCompression off


Save Vhost.

Wait on daemon update or run it manually and restart apache.
NOTICE: For CentOS replace apache2 with httpd

Code:
php -q /etc/sentora/panel/bin/daemon.php
service apache2 restart


Your panel login should now be secured by SSL.
You can test it here: https://www.ssllabs.com/ssltest/

PenWant to help ? Click here to report mistake or to send complement to add.