Skippy's Random Ramblings
The Random Thoughts of a Geek heading for Banbury
Skippy's Random Ramblings
The Random Thoughts of a Geek heading for Banbury
Geeky Hosting Wordpress

More SSL on Sentora / ZPanel

Things go better encrypted
by |Published

On the server is a site that wants to be both SSL and non SSL, this is not something that is natavily supported by Sentora/ZPanel, so what we did in SSL on Zpanel / Sentora will not work here (sad face) EXPLICITLY DON’T do that! if you have done it like that (by that I mean the VHost Override) undo it now, and re run the demon and apachectl restart.

In order for this to work both accessible in port 80 and port 443, you need to add a custom SSL-Vhost manually (this is not ZPanel or Sentora Default Vhost Config).

You can try this if you are planning to give you panel accessible to port 80 and 443:

  1. Do not touch the original VHOST
  2. Create a Vhost file called: http-ssl-vhost.conf (or whatever file name you want as long as it is .CONF) in “/etc/zpanel/configs/apache” with the following: 
    # DOMAIN: domain_name.com
<virtualhost *:443>
ServerName domain_name.com
ServerAlias domain_name.com www.domain_name.com
ServerAdmin [email protected]_name.co.uk
DocumentRoot "/var/zpanel/hostdata/user_name/public_html/domain_name_com"
php_admin_value open_basedir "/var/zpanel/hostdata/user_name/public_html/domain_name_com:/var/zpanel/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
ErrorLog "/var/zpanel/logs/domains/user_name/domain_name.com-error-ssl.log"
CustomLog "/var/zpanel/logs/domains/user_name/domain_name.com-access-ssl.log" combined
CustomLog "/var/zpanel/logs/domains/user_name/domain_name.com-bandwidth-ssl.log" common
<Directory />
Options FollowSymLinks Indexes
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)

# Custom VH settings (if any exist)
SSLEngine On
SSLCertificateFile      /etc/ssl/certs/domain_name.com/domain_name_com.crt
SSLCertificateKeyFile   /etc/ssl/certs/domain_name.com/domain_name_com.key
SSLCACertificateFile    /etc/ssl/certs/domain_name.com/gs_root.pem
SSLCertificateChainFile /etc/ssl/certs/domain_name.com/gs_intermediate_ca.crt

SSLProtocol -ALL +TLSv1
SSLHonorCipherOrder on
SSLCipherSuite HIGH:!aNULL:!MD5
</virtualhost>
# END DOMAIN: domain_name.com
################################################################
  3. Follow the instructions in this post regarding how to store certificates.
  4. Open your /etc/httpd/httpd.conf and insert this at the bottom: 
    # Custom SSL Apache config
Include /etc/zpanel/configs/apache/httpd-ssl-vhosts.conf
  5. Make sure everything is correctly set… File, Path, and Configuration of your Cert and Key files.
  6. Final step is to restart your Apache Service “apachectl restart”

You may also like

Published

Weather Station – Stevenson Screen

A Stevenson screen is an outdoor enclosure to shield meteorological instruments against precipitation and direct heat radiation (sometimes called a radiation screen) […]

Mail Specifications
Published

Small business groupware

As previously mentioned work (CASS Industries Ltd.) needed a new groupware solution after Microsoft pulled the plug on both Small Business Server, […]

Leave a comment

Your email address will not be published. Required fields are marked *

3 thoughts on “More SSL on Sentora / ZPanel”