How to add a purchased certificate to aMiSTACX

Generally speaking this will be the same process for both Apache and NGINX.

A high-level overview is provided here. Please see your stack instructions for more details per vhost configuration.

Step 1. Copy the certificate(s) [key, crt, pem etc. as per what issuer provided] to:

/etc/{Apache2, NGINX}/ssl/

Step 2. Update the vhost files for the server with the correct domain names that match the issued certificate.

e.g. yourdomainname.com ; www.yourdomainname.com

Step 3. update the vhost for 443 to have the certs point to the /etc/{Apache2, NGINX}/ssl/ path and correct filenames.

There are some examples in the vhost file.

Step 4. After these paths are updated you need to restart the web-server engine.

sudo service apache2 restart

or

sudo service nginx restart

Step 5. Testing! If you are using CloudFlare you can set to SSL to Full or Strict, then switch the CDN to grey for the DNS records involved.

Now you can test from a third-party TLS validator like SSL Checker to make sure the certificate chain is correct.

Step 6. If you are using CloudFlare put the CDN back online. [Orange] Make sure you receive NO cert errors when online.

At this point you should be 100%!

1 Comment

Leave a comment