If yous bring installed WordPress amongst ServerPilot, too yous desire to install Comodo Positive SSL on ServerPilot, hither is a pace past times pace guide to assist you. This tutorial is for rootage domain user, too yous powerfulness non survive able to practice the same if yous bring a subdomain.
Installing an SSL is non mandatory if yous bring a full general website or personal blog. However, a few months back, Google acknowledged that they purpose SSL or HTTPS equally a ranking factor. Hence, if yous desire to become a lilliputian combat to a greater extent than exposure inward the eyes of the giant search engine, installing SSL tin assist yous a bit.
Google Chrome has started showing a “Not Secure” tag inward the address bar if a website doesn’t bring SSL or HTTPS – too so, it may harm the user sense if yous practice non install SSL.
ServerPilot is a helping manus if yous purpose unmanaged VPS. You volition survive able to install WordPress inward a real slow way. This online tool allows users to install SSL. However, that is a gratuitous too shared SSL. If yous practice non desire to purpose a shared SSL certificate for your website too yous desire to install Positive SSL on ServerPilot, this is the guide yous need.
Install SSL on ServerPilot
To install SSL on your domain, yous cry for a few things:
- Cyberduck
- Putty (You tin download from official website)
- SSL certificate from a reliable source
- CSR
- Private key
- Server IP address
- Root password
First, yous cry for to obtain the Positive SSL certificate for your domain. For that, yous tin caput over to the website from where yous buy the SSL too trial a certificate for your domain. During that period, yous cry for to generate CSR. You tin view this website to brand a CSR for your domain.
During the CSR generation, yous should move inward WWW.YOUR-DOMAIN.COM if your site URL is http://www.your-domain.com. If your site URL is http://your-domain.com, yous bring to move inward YOUR-DOMAIN.COM. They render SSL exclusively for 1 version of your site URL (with or without WWW).
Also, yous volition become 2 things, i.e., CSR too Private Key. You must bring to brand a re-create of these 2 things. Also, brand certain they are dissever files. For CSR, yous should become the starting too ending tags similar this-
-----BEGIN CERTIFICATE REQUEST-----Some random unique characters-----END CERTIFICATE REQUEST-----
For Private key, yous volition become the tags similar this-
-----BEGIN PRIVATE KEY-----Some random unique characters-----END PRIVATE KEY-----
Save the CSR amongst .csr extension too salvage the Private telephone substitution amongst .key extension.
After the domain verification, near of the SSL certificate issuers shipping the certificate files via email. You should become a zip file that contains these files-
- www_domain-name_com.crt
- COMODORSADomainValidationSecureServerCA.crt
- COMODORSAAddTrustCA.crt
- AddTrustExternalCARoot.crt
After having them all, opened upward Putty too log into your server. You tin uncovering a window similar this-
Enter the IP address, purpose 22 equally Port too striking the Enter button. Therefore, yous cry for to user “root” equally username too the rootage password. After that, move inward this command-
cd /etc/nginx-sp
mkdir certs
cd certs
mkdir your-domain.com
cd your-domain.com
In this folder, upload these next files-
- CSR
- Private Key
- www_domain-name_com.crt
- COMODORSADomainValidationSecureServerCA.crt
- COMODORSAAddTrustCA.crt
- AddTrustExternalCARoot.crt
You tin purpose Cyberduck to upload all the files.
Following that, move inward this ascendence inward Putty-
cat www_domain-name_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt >> chain.crt
In unopen to cases, the SSL provider tin shipping exclusively 2 files:
- www_domain-name_com.ca-bundle
- www.domain-name_com.crt
The .ca-bundle is zilch exactly a consolidated file of other 3 files equally mentioned above. If yous received these files instead of iv certificate files, yous cry for to upload these 2 inward the your-domain.com folder.
Following that, yous tin move inward this ascendence inward Putty-
cat www.domain-name_com.crt www_domain-name_com.ca-bundle >> chain.crt
After that, move inward this command-
cd /etc/nginx-sp/vhosts.d/app-name.d
Do non forget to modify the app-name.d amongst your app name. In the app-name.d directory, practice a file too cry it ssl.conf. Open upward this file amongst Notepad or whatsoever other text editor too move inward these lines of code-
listen 443 ssl;psyche [::]:443 ssl;ssl_certificate /etc/nginx-sp/certs/your-domain.com/chain.crt;ssl_certificate_key /etc/nginx-sp/certs/your-domain.com/private.key;ssl_session_cache shared:SSL:20m;ssl_session_timeout 10m;ssl_prefer_server_ciphers on;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH!aNULL:!MD5:!DSS;ssl_stapling on;ssl_stapling_verify on;ssl_trusted_certificate /etc/nginx-sp/certs/ your-domain.com/www_domain-name_com.crt;laid $ssl_status off;if ($scheme = "https") {laid $ssl_status on;}proxy_set_header X-Forwarded-Proto $scheme;proxy_set_header X-Forwarded-Ssl $ssl_status;
Do non forget to supersede the given file names amongst your ain file names.
After that, practice unopen to other file inward the same directory too cry it off.nossl_conf. Open upward this file amongst whatsoever text editor too add together this:
if ($scheme !="https"){render 301 https://$server_name$request_uri;}
Now move inward this ascendence inward Putty-
nginx-sp -t
It should present a success message similar this-
If it shows a success message, yous cry for to restart Nginx. For that, move inward this command-
service nginx-sp restart
Now, yous should banking concern lucifer whether your SSL has been installed successfully or not. There is an online tool called SSL Checker. You tin visit the website too move inward your domain name. You should become a message similar this-
Now, yous cry for to brand all the redirections. For instance, yous cry for to redirect from http to https. If yous bring already added the website inward Google or Bing Webmaster Tools or Search Engine Console earlier installing the SSL, yous cry for to verify your website at that spot too. On the other hand, yous cry for to brand all the changes inward diverse social networking platforms similar Facebook, Twitter, etc.
Get HTTPS amongst WWW
You cry for to move inward this inward the htaccess file:
RewriteEngine onRewriteCond %{HTTP_HOST} ^your-domain.com [NC]RewriteRule ^(.*)$ http://www.your-domain.com/$1 [L,R=301,NC]RewriteEngine OnRewriteCond %{SERVER_PORT} 80RewriteRule ^(.*)$ https://www.your-domain.com/$1 [R,L]
Get HTTPS without WWW
RewriteEngine onRewriteCond %{HTTP_HOST} ^www. your-domain.com [NC]RewriteRule ^(.*)$ http:// your-domain.com/$1 [L,R=301]
RewriteEngine OnRewriteCond %{SERVER_PORT} 80RewriteRule ^(.*)$ https://your-domain.com/$1 [R,L]
In instance zilch is working, yous tin install this WordPress plugin called Really Simple SSL on your WordPress site.
Now yous tin conk along using your website amongst HTTPS. Hope this guide would survive helpful for you.
Source: https://www.thewindowsclub.com/
comment 0 Comments
more_vert