Coremanaged SSL

Revision as of 23:20, 22 May 2010 by Admin (talk | contribs)

To install an SSL certificate on a coremanaged box, you will need to do the following.
First, create the RSA key using the commands below.
(Replace domain.com with the domain you are working on in every instance.)

CSR generation

openssl genrsa -out domain.com.key 2048
chmod 400 domain.com.key



Add the NS record

cd /var/named/
vim domain.com.db

Below is a template DNS record you can use. Don't forget to name the file "domain.com.db".

<pre>
$TTL 300
domain.com.  86400   IN      SOA     ns1.domain.com.      template.liquidweb.com. (
                        2010052200 ;Serial Number
                        86400      ;refresh
                        7200       ;retry
                        3600000    ;expire
                        86400      ;minimum
                        )

domain.com.  86400   IN      NS      ns1.domain.com.
domain.com.  86400   IN      NS      ns2.domain.com.

domain.com.   300   IN      A       69.167.155.110
localhost       300   IN      A       127.0.0.1
domain.com.   300   IN      MX      0       domain.com.

mail            300   IN      CNAME   domain.com.
www             300   IN      CNAME   domain.com.
ftp             300   IN      A       IP here
ns1             300   IN      A       IP here
ns2             300   IN      A       IP here
host            300   IN      A       IP here
</pre>

rndc reload domain.com

Add the vhost entry. The SSL vhost file is usually located here:

vim /etc/httpd/conf.d/ssl_vhosts.conf

Then add the following, modifying it to use the paths and IP of your new SSL domain.

<VirtualHost (sites ip here):443>

        ServerName domain.com
        DocumentRoot 
        UseCanonicalName Off

        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/domain.com.crt
        SSLCertificateKeyFile /etc/pki/tls/private/domain.com.key
        SSLCACertificateFile /etc/pki/tls/certs/domain.com.cabundle
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

</VirtualHost>
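
Before restarting Apache with this vhost, it helps to confirm that the key file is private and that the CSR and the issued certificate carry the same public key as domain.com.key. The script below is an added example, not part of the original cheatsheet; the scratch directory, the /CN=domain.com subject, the self-signed stand-in certificate, other.key and the function names are assumptions made for the demo.

```shell
# Added example: pre-flight checks for a key / CSR / certificate set.
# All files are constructed samples in a scratch directory, not live paths.

# True if group and other have no access to the key (e.g. mode 400).
key_perms_ok() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print the public key (PEM) carried by a private key, CSR or certificate.
pubkey_of() {
    case "$1" in
        key) openssl pkey -in "$2" -pubout ;;
        csr) openssl req  -in "$2" -noout -pubkey ;;
        crt) openssl x509 -in "$2" -noout -pubkey ;;
        *)   return 2 ;;
    esac 2>/dev/null
}

# True only if both files parse and carry the same public key.
# usage: same_pubkey key domain.com.key crt domain.com.crt
same_pubkey() {
    a=$(pubkey_of "$1" "$2") || return 1
    b=$(pubkey_of "$3" "$4") || return 1
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Build a constructed key, CSR and stand-in certificate; print the directory.
make_sample() {
    work=$(mktemp -d) || return 1
    openssl genrsa -out "$work/domain.com.key" 2048 >/dev/null 2>&1
    chmod 400 "$work/domain.com.key"
    # CSR for the key (assumed subject); this is the file sent to the CA
    openssl req -new -key "$work/domain.com.key" -subj "/CN=domain.com" \
        -out "$work/domain.com.csr" >/dev/null 2>&1
    # Self-signed stand-in for the CA-issued certificate, demo only
    openssl x509 -req -in "$work/domain.com.csr" -days 1 \
        -signkey "$work/domain.com.key" -out "$work/domain.com.crt" >/dev/null 2>&1
    # Unrelated key, to show the mismatch case
    openssl genrsa -out "$work/other.key" 2048 >/dev/null 2>&1
    echo "$work"
}

# Demo run on the constructed files
d=$(make_sample)
key_perms_ok "$d/domain.com.key" && echo "key is private"
same_pubkey key "$d/domain.com.key" crt "$d/domain.com.crt" && echo "key matches cert"
same_pubkey key "$d/other.key" crt "$d/domain.com.crt" || echo "other.key does not match"
rm -rf "$d"
```

On the server, the same functions can be pointed at the SSLCertificateKeyFile and SSLCertificateFile paths from the vhost.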