Please fully read the documentation BEFORE attempting to install a certificate on your server.
For instructions on how to install a certificate for a Domain or Sub-Domain, please read here.
CentOS 6.X with self SSL for your Control Panel.
Before attempting the below instructions, please be sure that you have read these instructions on how to install OpenSSL.
SSL should already be activated if you followed the install instructions correctly.
Login as root user in a terminal
Edit SSL configuration file
Remember that if you have purchased certificates, then you must replace the names below with your actual certificate names.
Please be sure that all purchased certificates have been properly prepared for installation.
nano /etc/httpd/conf.d/ssl.conf
(You can use vi also if you wish)
Around line 100 you should see the code below.
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/pki/tls/certs/Sentora.id-network.org.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/Sentora.id-network.org.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
SSLCACertificateFile /etc/pki/tls/certs/Sentora.id-network.org.ca-bundle.crt
You need to edit the highlighted text and add in the name of your certificates.
I believe that CentOs will run without a ca-bundle.crt if you're using a self signed certificate.
CentOS won't run SSL properly if the files are in different directories other than the default paths.
Now copy your certificates to the appropriate directories using your favourite SFTP client.
Insert into SentoraCP
go to Sentora -> Admin -> Module Admin => Apache Config
Copy and paste into Global Sentora entry:
Redirect Permanent / https://Sentora.id-network.org/
Restart apache
service httpd restart
Open HTTPS port
Open port 443 on your server if you setup a firewall (see help of the firewall installed)
AND
Open and forward port 433 on your modem-router if you have any between your server and the WAN and if you want your server to be reachable from the world. (See help of the modem-router).
It is ready !
It is done. Try to access your panel at https://your-panel-domain