HTTPS/SSL Encryption for Sentora Control Panel and Other Hosted Sites
This article is mainly for Gemnode staff, or any other server admin out there that is using the Sentora control panel and wants to serve sites over HTTPS using SSL.
If you are hosted with Gemnode and wish to have your site secured, just let us know and we can set it up for you.
Generating SSL Certificates
First we will need to generate SSL certificates, thankfully this can be done free via Lets Encrypt.
Sentora recommends creating a new certificates directory for each user and there sites like the path below:
But I recommend sticking to the guides and storing the certificates how Lets Encrypt does by default. This will make finding and renewing certificates easier.
Choose from one of the guides below based on your Linux distribution:
Configure Apache to use the Certificates
Now that we have generated the certificates we need to configure our web server to use them.
Secure Sentora Panel Subdomain
Use this guide to secure only your Sentora panel subdomain. For all other websites(domains/subdomains) jump down to the next section.
If you need a more detailed explanation refer to this blog post.
Other Domains and Subdomains Managed by Sentora
Follow the guide below starting from “Override a Virtual Host Setting” down, since we already took care of the certificates. But the generated certificate files have different names and extensions so follow this mapping instead:
- certificate.crt >>> cert.pem
- certificate.key >>> privkey.pem
- certificate.ca-bundle >>> fullchain.pem
Test Your Domains
So that’s all there is to it. After about 5 minutes once the Sentora daemon has run and the Let’s Encrypt certificate authority is verifying your certificates you should be able to test your domains by visiting them via https. If you get a warning from the browser then do not proceed as you will need to test again. And this means something is not properly configured. Double check all the steps again and leave a comment if you need help.