Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Easiest Way to Install SSL?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Easiest Way to Install SSL?

SpencerSpencer Member
edited April 2012 in General

Im trying to install SSL on my apache LEB. And it is such a pain in the a**. What is the easiest way? Like any scripts or something? Anything that can maximize my laziness?

Comments

  • What is complex on doing it? :|

  • @yomero said: What is complex on doing it? :|

    On apache and no control panel I have a hard time. But then again it is my first time.

  • So, if you don't want to learn....
    Is a thing of 5 minutes.

  • @yomero said: So, if you don't want to learn....

    Is a thing of 5 minutes.

    I do want to learn but I have tried over 15 times. But to no success.

  • Maybe if you post what is happening someone can help you.

  • twaintwain Member

    There are a ton of howtos online on doing it manually. In fact, I much prefer doing it manually than for instance doing it through cPanel which can be a real pain in the ass sometimes.

  • cpanel is a pain with SSL?

  • @DotVPS said: I prefer doing it with nginx i find it easier.

    Is it? Ill give that a try since me and apache are having our issues :p

  • @PytoHost said: What is the easiest way?

    Pay somebody.

  • gianggiang Veteran
    edited April 2012

    @PytoHost said: Is it? Ill give that a try since me and apache are having our issues :p

    Yes, it's really fast and easy to install SSL on nginx config file :D Here is my config, just replace server_name and ssl_certificate, ssl_certificate_key with yours to get it work :D

    server {
        listen 443 ssl;
        ssl_certificate         /etc/nginx/ssl/www_mywebsite_com.csr;
        ssl_certificate_key     /etc/nginx/ssl/www_mywebsite_com.key;
        keepalive_timeout    60;
        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers ECDHE-RSA-AES256-SHA:AES256-SHA:CAMELLIA256-SHA:DES-CBC3-SHA;
        ssl_prefer_server_ciphers   on; 
        
        server_name mywebsite.com;
        root /var/www/mywebsite.com;
        include /etc/nginx/fastcgi_php;
        index index.php;
    }
  • @breton said: Pay somebody.

    Yep, this is the "bestest" way LOL.

  • ElliotJElliotJ Member
    edited April 2012

    Remember to include the intermediate certificate! Otherwise Firefox throws some nasty warnings.

    Also, looking at @giang's config, disable SSLv2 and some of the weak cyphers if you're handling any financial transactions for PCI compliance.

    Here's my SSL section of the nginx config I use

           ssl on;
            ssl_certificate /usr/local/certs/combined.crt;
            ssl_certificate_key /usr/local/certs/ssl.key;
            ssl_session_timeout 5m;
            ssl_protocols SSLv3 TLSv1;
            ssl_ciphers               HIGH:!ADH:!EXPORT56;
            ssl_prefer_server_ciphers on;
    
    Thanked by 1yomero
  • twaintwain Member

    @speckl said: cpanel is a pain with SSL?

    well maybe not really a pain; I usually will do it through WHM, and when updating a current cert, it often auto-pulls-in the wrong key, even if you've already pasted in the correct key, it will often overwrite it with an incorrect previous key etc; you just have to be sure at the very end before you submit that you've got the correct key in there...

  • @PytoHost you run a hosting company and you don't know how to install a certificate? How old are you?

  • @ElliotJ
    We really need the last lines? :P
    (session timeout and so)

  • @OneTwo said: you run a hosting company and you don't know how to install a certificate? How old are you?

    Its not something that I do daily. I have done it multiple times in WHM/cPanel but never manual. No need to. Im sure your not an expert at everything either. And just to answer your last question 28

  • InfinityInfinity Member, Host Rep

    Damn, hosting companies and their reliance on control panels. :L

    Thanked by 1yomero
  • @Infinity said: Damn, hosting companies and their reliance on control panels. :L

    Not all :)

    Thanked by 1Infinity
Sign In or Register to comment.