SSL Certificate with Digital Ocean-Sentora-GoDaddy

By August 25, 2015 Programming No Comments
sentora_login

We had two of these to set up in the last 2 days so of course the first one was a bit of a pain with plenty of
Googling to find the right course of action.  After this second one, we nailed down the process so just wanted to share it here. This is for installing a GoDaddy issued SSL Certificate onto a Digital Ocean hosted site w/ Ubuntu and with Sentora (or zPanel) installed.

With Digital Ocean, you’ll need to generate a CSR and Private Key. Follow the instructions for this
at https://www.digitalocean.com/community/tutorials/how-to-install-an-ssl-certificate-from-a- commercial-certificate-authority (scroll down to Generate a CSR and Private Key).

After you get the CSR generated, you’ll need to buy and set up the SSL certificate at GoDaddy.  You’ll find instructions on that same web page under Example CA 2: GoDaddy. After you have downloaded the certificate and rename the files, this is where things will be a bit different with Digital Ocean/Sentora.

Install Certifcate on Web Server

1. Copy example.com.crt and intermediate.crt to your /root/ folder. If you don’t see the root directory when you FTP, that’s normal. You need to SFTP using your SSH credentials to see the directories above the main website root. (change example.com.crt to use your domain name).

2. Next, log into your Digital Ocean SSH console (either through DigitalOcean.com or through Putty). Enable the Apache SSL module and restart Apache with the following commands if you’re running Ubuntu:
sudo a2enmod ssl
sudo service apache2 restart

3. Now we need to update the vhosts. Since we’re running Sentora/zPanel, this is a bit different than the instructions you’ve been following. Follow the instructions on http://docs.sentora.org/?node=64
Keeping with the location we used earlier (/root), the custom entry will be something like:
SSLEngine on
SSLCertificateFile /root/example.com.crt
SSLCertificateKeyFile /root/example.com.key
SSLCACertificateFile /root/intermediate.crt

4. Extra credit
Do just the SSL security items on http://forums.sentora.org/showthread.php?tid=1039 – this article shows how to make just the panel SSL-enabled and we already took care of that in #3 but making SSL a little more secure is a cool thing to do right?