vicidial.org

i bought a ssl certificate and they gave me:

file.ca-bundle
file.crt
file.p7b
file.key

what is the proccess to install the certificate ??

Free SSL Certificate (90 Days)

https://zerossl.com/free-ssl/

1- fill out your domain name and Accept ZeroSSL TOS and Accept Let's Encrypt SA (pdf) (System will generate the csr certificate
2- Include www-prefixed version too? Yes/ No (Your Choice)
3- Generating CSR -> Next
4- Generating Private Key -> Next
5- Download the file and upload to your server for verification (http://domain.com/.well-known/acme-challenge/) create a folder in root named .well-know and a subfolder named (acme-challenge)
6- Verify
7- Copy / Download certificate (rename to vicibox.crt)
8- Copy / Download domain key (rename to vicibox.key)
9- Upload files to dtlscertfile=/etc/apache2/ssl.crt/vicibox.crt and dtlsprivatekey=/etc/apache2/ssl.key/vicibox.key
10- service apache2 restart
11- vim /etc/apache2/vhosts.d/1111-default.conf
12- add this commands at the end before ends </virtualhost>

Code: Select all

RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

service apache2 restart

iboam wrote:i bought a ssl certificate and they gave me:

file.ca-bundle
file.crt
file.p7b
file.key

what is the proccess to install the certificate ??

Unrelated to Vicidial, of course. But basically:

In /etc/apache2/vhosts.d/1111-default-ssl.conf (or whatever your version has for default-ssl.conf) you will find an example similar to:

Code: Select all

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl.crt/vicibox.crt
        #SSLCACertificateFile /etc/apache2/ssl.crt/CA_chain.crt
        SSLCertificateKeyFile /etc/apache2/ssl.key/vicibox.key


Make a quick copy of the file that's already there. End the copy with "BAK" (Or anything other than ".conf") and it will be ignored. Anything NOT ending in .conf in this directory is automatically ignored. Now you can edit the original.

You put your crt, ca-bundle, ane key files in the locations indicated by the provided examples (OR just put them anywhere on the HD, location isn't really important, there's no significance to "where they go" other than being able to find them easily).

As long as you put the full path in the .conf file based on where you put the file, apache will find them and use them.

No, it's not a problem that the file extentions don't match. The ".crt" ending in the commented out SSLCACertificateFile file is not required. So your "file.ca-bundle" doesn't need to be renamed. You can if you like, though. There's no rule about it's name or whether the name has been changed since it was created. You will need to uncommend the SSLCACertificateFile line to activate the loading of the CA bundle cert.

Then you restart the apache server.

Code: Select all

service apache2 restart

This is where that copy comes in. If there's an error, you can revert to the prior copy of the file, restart apache again, and it'll be up and running while you figure out what went wrong. But: If there IS an error, there will usually be a command provided to find out what the error was. If you provide us the output from that command (before reverting of course), we can help with any problems.