Title: Anyone help me with SSL (CLOSED) Post by: squall1066 on May 06, 2015, 04:14:01 PM Hiya all, Sorry, but this is strictly high trust longstanding members only. It's not much but it's my site, I will reset all passwords after use.
I might consider someone guiding me step by step. Basically, I am installing an SSL cert on apache2 server, I have generated CSR and received the four comodo files and made the server.crt file, But thats where I am stuck, I dont know where it goes or how to activate it on the VPS. No I will not use a cloud. Let me know what your price is. Title: Re: Anyone help me with SSL (high trust members only) Post by: Bitsky on May 06, 2015, 04:46:13 PM That should get you started
Code: <VirtualHost 1.2.3.4:80> Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 06, 2015, 07:00:12 PM That should get you started Code: <VirtualHost 1.2.3.4:80> too far ahead, I am at this point Find the Apache config file to edit. Ubuntu's Apache configuration file for your ssl site is typically found in /etc/apache2/sites-enabled/your_site_name. If it is not found in the 'sites-enabled' folder, you would need to run the command sudo a2ensite your_site_name. my site is not under the sites-enabled and the sudo command does not work "command not found" Title: Re: Anyone help me with SSL (high trust members only) Post by: Bitsky on May 06, 2015, 07:15:32 PM Not an Ubuntu user myself, but on Redhat you can get vhost information by running "httpd -S"; could be "apache2ctl -S" on Ubuntu.
Title: Re: Anyone help me with SSL (high trust members only) Post by: nomadcrypto on May 06, 2015, 09:53:02 PM 1) copy the default vhost in /etc/apache2/sites-available/default-ssl.conf:
Code: sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/001-yourdomain.conf 2)make the edits mentioned previously by Bitsky - just edit the relevant paths in your new 001-yourdomain.conf 3) enable the domain Code: sudo a2ensite 001-yourdomain.conf RE: sudo not found Can you post the output of the following?: Code: whereis sudo Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 07, 2015, 01:40:57 PM RE: sudo not found Can you post the output of the following?: Code: whereis sudo Code: root@Squall:~# whereis sudo Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 07, 2015, 01:47:38 PM I just installed it so now its:-
Code: root@Squall:/# whereis sudo Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 07, 2015, 01:54:15 PM my site is not in /etc/apache2/sites-enabled/ but there is a folder with the site name on that is a shortcut link to somewhere, but I cant open or goto the link.
I run sudo a2ensite "sitename" but it returns with "sitename" does not exist. Just so you know, I am following this guide. https://www.digicert.com/ssl-certificate-installation-ubuntu-server-with-apache2.htm I am at step 2, I just cant find the file to edit, or create it. Title: Re: Anyone help me with SSL (high trust members only) Post by: Muhammed Zakir on May 07, 2015, 02:05:42 PM Did you check if there is any typos in site's name in the command?
P.S. What are you getting when you run whereis <site's name>? Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 07, 2015, 02:13:33 PM Did you check if there is any typos in site's name in the command? yes, The ghost file that I found that leads to nowhere did start off 000-www.mysite.conf I tried this aswell but nothing, I cant do anything with this "ghost" file, I cand move/del/edit nothing, I'm stumped. I use filezilla BTW, so I see it as a windows directory would show it, any I run command with putty. Title: Re: Anyone help me with SSL (high trust members only) Post by: nomadcrypto on May 07, 2015, 04:43:10 PM Did you check if there is any typos in site's name in the command? yes, The ghost file that I found that leads to nowhere did start off 000-www.mysite.conf I tried this aswell but nothing, I cant do anything with this "ghost" file, I cand move/del/edit nothing, I'm stumped. I use filezilla BTW, so I see it as a windows directory would show it, any I run command with putty. That ghost file is a symbolic link to some other file which may or may not exist(im guessing?). Your vhost should be in /etc/apache2/sites-available and the "a2ensite" script simply creates a symbolic link for it in /etc/apache2/sites-enabled. If I were you I would just start over. Here is a step by step command list: remove the current symbolic link Code: sudo unlink /etc/apache2/sites-enabled/{Your old vhost}.conf or Code: sudo rm -rf /etc/apache2/sites-enabled/{the weird directory you mentioned} ^ make sure you verify the path. you don't want to accidentally delete the wrong directory. copy the default ssl vhost in /etc/apache2/sites-available/default-ssl.conf: Code: sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/001-yourdomain.conf uncomment/edit the relevant paths in your new 001-yourdomain.conf(DocumentRoot, SSLCertificateFile, SSLCertificateKeyFile, etc) Code: <IfModule mod_ssl.c> Code: sudo a2ensite 001-yourdomain.conf I know this is probably like reading greek(assuming you don't read greek :P) right now but ubuntu really makes it a breeze to run a basic lamp setup once you figure it out. edit if you would like I can walk you through this on a teamviewer session or something. Title: Re: Anyone help me with SSL (high trust members only) Post by: Muhammed Zakir on May 07, 2015, 06:19:33 PM -snip- Code: sudo rm -rf /etc/apache2/sites-enabled/{the weird directory you mentioned} ^ make sure you verify the path. you don't want to accidentally delete the wrong directory. -snip- I highly recommend you to copy all the files in 'sites-enabled' before you try to run the above command. Using -a when running cp command is recommended. Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 07, 2015, 06:27:15 PM Every web dev who wants some sort of SSL has to go through this ::) Geeez Louise!
There no easier way? :P K give me some time, I will do this later when I am set up mentally :-\ Title: Re: Anyone help me with SSL (high trust members only) Post by: nomadcrypto on May 07, 2015, 06:30:42 PM -snip- Code: sudo rm -rf /etc/apache2/sites-enabled/{the weird directory you mentioned} ^ make sure you verify the path. you don't want to accidentally delete the wrong directory. -snip- I highly recommend you to copy all the files in 'sites-enabled' before you try to run the above command. Using -a when running cp command is recommended. if one follows the standards for setting up a vhost in ubuntu there shouldn't be anything in that directory except for symbolic links to config files located in sites-available. Title: Re: Anyone help me with SSL (high trust members only) Post by: Reynaldo on May 07, 2015, 06:44:20 PM When I've any issue with my linux box I usually check the arch linux wiki, it should apply to the latest updated linux distro and would only vary if ubuntu uses some different files for configuration (this might be the case); Take a read on https://wiki.archlinux.org/index.php/Apache_HTTP_Server and see if you can find anything there
the exact part regarding ssl Code: To use TLS/SSL, you will need to install openssl. Title: Re: Anyone help me with SSL (high trust members only) Post by: Bitsky on May 07, 2015, 07:41:53 PM Every web dev who wants some sort of SSL has to go through this ::) Geeez Louise! That's why I only run CentOS/RHEL on all my servers and admin them via SSH only.There no easier way? :P K give me some time, I will do this later when I am set up mentally :-\ Never understood why Debian/Ubuntu would do crap like symlinking configs. Title: Re: Anyone help me with SSL (high trust members only) Post by: Abdussamad on May 08, 2015, 12:19:15 AM I just installed it so now its:- Code: root@Squall:/# whereis sudo sudo is used to execute commands as another user. It's used on servers where root login is disabled and instead people login as an unprivileged user and use sudo to execute commands as root user. In your case since you are already logged in as root you can omit the use of sudo. Commodo has some excellent documentation that you should refer to instead of asking on random forums for help: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/637/37/certificate-installation-apache--mod_ssl If you need someone to install it for you then PM me and I'll do it for a reasonable fee. Title: Re: Anyone help me with SSL (high trust members only) Post by: Rmcdermott927 on May 08, 2015, 05:51:53 AM Hiya all, Sorry, but this is strictly high trust longstanding members only. It's not much but it's my site, I will reset all passwords after use. I might consider someone guiding me step by step. Basically, I am installing an SSL cert on apache2 server, I have generated CSR and received the four comodo files and made the server.crt file, But thats where I am stuck, I dont know where it goes or how to activate it on the VPS. No I will not use a cloud. Let me know what your price is. Squall, what is a little tricky is that the intermediate certificates need to be combined in exactly the right order. I'm not sure which particular Comodo cert you have, but mine had three intermediates. Take a look here: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/643/17/ Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 08, 2015, 10:04:09 AM Squall, what is a little tricky is that the intermediate certificates need to be combined in exactly the right order. I'm not sure which particular Comodo cert you have, but mine had three intermediates. Take a look here: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/643/17/ Yes, I have the same, I managed to compile fine using cat command. sudo is used to execute commands as another user. It's used on servers where root login is disabled and instead people login as an unprivileged user and use sudo to execute commands as root user. In your case since you are already logged in as root you can omit the use of sudo. Commodo has some excellent documentation that you should refer to instead of asking on random forums for help: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/637/37/certificate-installation-apache--mod_ssl If you need someone to install it for you then PM me and I'll do it for a reasonable fee. Thats a little beyond me, How does that work? As I have root access but still need sudo to run certain commands to get this job done? whats your idea of a reasonable fee ;D Title: Re: Anyone help me with SSL (high trust members only) Post by: squall1066 on May 08, 2015, 03:25:48 PM closed,
I am not clever enough, I have been on it two weeks and made Major stupid mistakes, and my site is not popular enough to do this every year. I have nearly lost my site due to my errors, no one wants my money, so I will just cloud my site with free SSL discretion is the better part of valor. Thanks all Title: Re: Anyone help me with SSL (high trust members only) Post by: Rmcdermott927 on May 09, 2015, 06:18:33 AM closed, I am not clever enough, I have been on it two weeks and made Major stupid mistakes, and my site is not popular enough to do this every year. I have nearly lost my site due to my errors, no one wants my money, so I will just cloud my site with free SSL discretion is the better part of valor. Thanks all Squall, I know I dont have high trust like required by your post but if you want we could do it through a teamviewer session so you wouldnt have to give me any passwords and you can watch everything I am doing. I have set up a ton of Comodo certs before. PM me if you are interested. |