VestaCP background 8083 port https is invalid?Install SSL Certificate Tutorial

VestaCP The control panel is simple and easy to use: Install VestaCP Control Panel, which can automatically install the security function of the Let's Encrypt SSL certificate, so it is well received by foreign countries.SEOPractitioners welcome.

What is Let's Encrypt?

Let's Encrypt is an SSL Certificate Authority launched on April 2016, 4.

• Provides a free X.509 certificate for Transport Layer Security (TLS) encryption through an automated process,
• Designed to eliminate the current manual creation, verification, signing, installation and updating of certificates for secure websites.

VestaCP control panel login page, using port 8083.

What is port 8083?

• 8083 is a proxy page and download file port, is a logical port.
• In network technology, ports include physical ports and logical ports.

Difference Between Physical Port and Logical Port

• Physical ports refer to ports that actually exist, such as ADSL modems, hubs, switches, and routers that connect to other network devices like RJ-45 ports, SC ports, etc.
• A logical port is a port that differentiates services by logical meaning, such as service ports in the TCP/IP protocol.The port number range is 0 to 65535.

However, currently the port 8083 of the VestaCP control panel is displayed by default without an SSL security certificate...

So, inInstall the VestaCP panelRear,Google ChromeThis prompt will appear:

Vesta login panel enable https

Step 1:Log in to VestaCP's admin panel using the hostname and port 8083 ▼

http:// 你的域名:8083/

Step 2: Go to VestaCP's WEB service and find the host name of your server, then click EDIT ▼

Step 3:Find and check SSL and Let's Encrypt "Enable SSL (SSL Support)" and "Use Let's Encrypt (Let's Encrypt Support)" ▼

• Then click Save (the administrator clicks Save and waits for about five minutes to view the application for an SSL certificate)

Step 4:Find the Let's Encrypt secure certificate storage location Let's Encrypt stores its SSL certificates in /home/username/conf/web/ Location. Please list their locations ▼

/home/username/conf/web/ssl.website.crt
/home/username/conf/web/ssl.website.key

VestaCP control panel, store its hostname SSL certificate in ▼

/usr/local/vesta/ssl/certificate.crt
/usr/local/vesta/ssl/certificate.key

Therefore, we need to first rename the old VestaCP certificate files to some dummy text so that VestaCP no longer uses them, and then symlink these files. Please follow the steps below to learn how to do this.

Step 5:SSH into your server and enter these 2 commands to rename the old files ▼

mv /usr/local/vesta/ssl/certificate.crt /usr/local/vesta/ssl/unusablecer.crt
mv /usr/local/vesta/ssl/certificate.key /usr/local/vesta/ssl/unusablecer.key

• If the following operations fail to take effect, causing the SSL link to fail, the website cannot be opened, and the SSL file "unusablecer"name, change back to the previous name"certified” without wasting time reinstalling the VestaCP panel.

Step 6:Create a symbolic link to point to the new symbolic link. Substitute your username, for example:admin will chenweiliang.com Replace with the hostname (FQDN) of your VPS server▼

ln -s /home/admin/conf/web/ssl.chenweiliang.com.crt /usr/local/vesta/ssl/certificate.crt
ln -s /home/admin/conf/web/ssl.chenweiliang.com.key /usr/local/vesta/ssl/certificate.key

Step 7:Restart VestaCP

service vesta restart

Step 8:Clear your browser cache and try again to log in to the VestaCP control panel using port 8083.

• Now your SSL on port 8083 is secure!

Broken permissions solution

To fix broken permissions, enter the following command▼

• will your.adminpanel.com Replace with the URL of your VestaCP management console.

chgrp mail ssl.your.adminpanel.com.key
chmod 660 ssl.your.adminpanel.com.key
chgrp mail ssl.your.adminpanel.com.crt
chmod 660 ssl.your.adminpanel.com.crt

The above is the method to enable the SSL certificate in the VestaCP background.

How to force domain name to use https SSL certificate?

Step 1:Install custom nginx template ▼

cd /usr/local/vesta/data/templates/web
wget http://c.vestacp.com/0.9.8/rhel/force-https/nginx.tar.gz
tar -xzvf nginx.tar.gz
rm -f nginx.tar.gz

Step 2:Set proxy template to force-https

• Create a new preset, or in an existing preset, set force-https as the Nginx proxy template.
• When adding new users, you can use the force-https template to assign permissions to users of the preset scheme.

HTTP is automatically redirected to HTTPS

How to redirect HTTP to HTTPS using htaccess? Do you want to automatically redirect a website to the secure (HTTPS) version of your website for encryption?

In the .htaccess file, add the following 301 redirect syntax▼

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

• The "L" in the above [R,L] means Last (Last), if other grammars also have this L, http cannot be automatically redirected to https.
• Therefore, it is recommended to redirect http301 to https syntax at the top (before other syntaxes).

If you want to add secure SSL certificates to your other domains in the VestaCP control panel, please check out this tutorial ▼

🔗How to use VestaCP panel? Install post office/add multiple domain names & file management