1 ) Add cert
I've added up a SSL certificate for a subdomain sm.webscraping.pro (VPS, Centos 7) at VestaCP using Lets Encrypt support option, see below:
2 ) Files
The certificate files are in the directory /home/admin/conf/web/
:
ssl.sm.webscraping.pro.ca
ssl.sm.webscraping.pro.crt
ssl.sm.webscraping.pro.key
ssl.sm.webscraping.pro.pem
The file sm.webscraping.pro.httpd.ssl.conf
in the same directory has the following content:
<VirtualHost 185.221.154.249:8443>
ServerName sm.webscraping.pro
ServerAdmin [email protected]
DocumentRoot /home/admin/web/sm.webscraping.pro/public_html
ScriptAlias /cgi-bin/ /home/admin/web/sm.webscraping.pro/cgi-bin/
Alias /vstats/ /home/admin/web/sm.webscraping.pro/stats/
Alias /error/ /home/admin/web/sm.webscraping.pro/document_errors/
#SuexecUserGroup admin admin
CustomLog /var/log/httpd/domains/sm.webscraping.pro.bytes bytes
CustomLog /var/log/httpd/domains/sm.webscraping.pro.log combined
ErrorLog /var/log/httpd/domains/sm.webscraping.pro.error.log
<Directory /home/admin/web/sm.webscraping.pro/public_html>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
#php_admin_value open_basedir /home/admin/web/sm.webscraping.pro/public_html:/home/admin/tmp
php_admin_value upload_tmp_dir /home/admin/tmp
php_admin_value session.save_path /home/admin/tmp
</Directory>
<Directory /home/admin/web/sm.webscraping.pro/stats>
AllowOverride All
</Directory>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /home/admin/conf/web/ssl.sm.webscraping.pro.crt
SSLCertificateKeyFile /home/admin/conf/web/ssl.sm.webscraping.pro.key
SSLCertificateChainFile /home/admin/conf/web/ssl.sm.webscraping.pro.ca
<IfModule mod_ruid2.c>
RMode config
RUidGid admin admin
RGroups apache
</IfModule>
<IfModule itk.c>
AssignUserID admin admin
</IfModule>
IncludeOptional /home/admin/conf/web/shttpd.sm.webscraping.pro.conf*
</VirtualHost>
3 ) Not working :-(
Yet as to https, the SSL cert still does not work:
4 Check cert
When checking the SSL certificate, the checker returns a SSL cert pertaining to the main domain:
Note: The present SSL certificate pertaining to the main domain cannot be used for both the domain and its subdomains at the same time.
Any suggestion? Is something missing ?
Update
Beside /home/admin/conf/web/sm.webscraping.pro.httpd.ssl.conf
, [automatically generated] file, I've earlier set up virtual hosts for 80 and 443 ports:
/etc/httpd/conf/httpd.conf
<VirtualHost *:80>
DocumentRoot /home/admin/web/sm.webscraping.pro/public_html/public
ServerName sm.webscraping.pro
</VirtualHost>
<VirtualHost *:443>
ServerName sm.webscraping.pro
DocumentRoot /home/admin/web/sm.webscraping.pro/public_html/public
SSLEngine On
SSLCertificateFile /etc/dehydrated/certs/sm.webscraping.pro/cert.pem
SSLCertificateKeyFile /etc/dehydrated/certs/sm.webscraping.pro/privkey.pem
SSLCertificateChainFile /etc/dehydrated/certs/sm.webscraping.pro/fullchain.pem
</VirtualHost>