Article directory
VestaCP The control panel is simple and easy to use:
Install VestaCP Control Panel, which can automatically install the security function of the Let's Encrypt SSL certificate, so it is well received by foreign countries.SEOPractitioners welcome.
What is Let's Encrypt?
Let's Encrypt is an SSL Certificate Authority launched on April 2016, 4.
- Provides a free X.509 certificate for Transport Layer Security (TLS) encryption through an automated process,
- Designed to eliminate the current manual creation, verification, signing, installation and updating of certificates for secure websites.
VestaCP control panel login page, using port 8083.
What is port 8083?
- 8083 is a proxy page and download file port, is a logical port.
- In network technology, ports include physical ports and logical ports.
Difference Between Physical Port and Logical Port
- Physical ports refer to ports that actually exist, such as ADSL modems, hubs, switches, and routers that connect to other network devices like RJ-45 ports, SC ports, etc.
- A logical port is a port that differentiates services by logical meaning, such as service ports in the TCP/IP protocol.The port number range is 0 to 65535.
However, currently the port 8083 of the VestaCP control panel is displayed by default without an SSL security certificate...
So, inInstall the VestaCP panelRear,Google ChromeThis prompt will appear:
- Your connection is not a private connection
- Attackers may try to steal your information (eg passwords, communications or credit card information).
Vesta login panel enable https
Step 1:Login to VestaCP's Admin Panel
Use hostname and port 8083 ▼
http:// 你的域名:8083/
Step 2: Enter VestaCP's WEB service
Find your server's hostname and click EDIT ▼
Step 3:Find and tick SSL and Let's Encrypt
"Enable SSL (SSL Support)", "Adopt Let's Encrypt (Let's Encrypt Support)" ▼
- Then click Save (the administrator clicks Save and waits for about five minutes to view the application for an SSL certificate)
Step 4:Find the location where the Let's Encrypt security certificate is stored
Let's Encrypt stores its SSL certificates in /home/username/conf/web/ in location.
Please list their locations ▼
/home/username/conf/web/ssl.website.crt /home/username/conf/web/ssl.website.key
VestaCP control panel, store its hostname SSL certificate in ▼
/usr/local/vesta/ssl/certificate.crt /usr/local/vesta/ssl/certificate.key
So we need to first rename the old VestaCP certificate file to some dummy text,
So that VestaCP doesn't use them anymore, then symlink the files.
Follow the steps below to learn how to do this.
Step 5:SSH into your server
Enter these 2 commands to rename old files ▼
mv /usr/local/vesta/ssl/certificate.crt /usr/local/vesta/ssl/unusablecer.crt mv /usr/local/vesta/ssl/certificate.key /usr/local/vesta/ssl/unusablecer.key
- If the following operations fail to take effect, causing the SSL link to fail, the website cannot be opened, and the SSL file "unusablecer"name, change back to the previous name"certified” without wasting time reinstalling the VestaCP panel.
Step 6:Create a symlink to point to the new symlink
Please replace your username like:admin
will chenweiliang.com Replace with the hostname (FQDN) of your VPS server▼
ln -s /home/admin/conf/web/ssl.chenweiliang.com.crt /usr/local/vesta/ssl/certificate.crt ln -s /home/admin/conf/web/ssl.chenweiliang.com.key /usr/local/vesta/ssl/certificate.key
Step 7:Restart VestaCP
service vesta restart
Step 8:clear browser cache
Then, retry logging into the VestaCP control panel using port 8083.
- Now your SSL on port 8083 is secure!
Broken permissions solution
To fix broken permissions, enter the following command▼
- will your.adminpanel.com Replace with the URL of your VestaCP management console.
chgrp mail ssl.your.adminpanel.com.key chmod 660 ssl.your.adminpanel.com.key chgrp mail ssl.your.adminpanel.com.crt chmod 660 ssl.your.adminpanel.com.crt
The above is the method to enable the SSL certificate in the VestaCP background.
How to force domain name to use https SSL certificate?
Step 1:Install custom nginx template ▼
cd /usr/local/vesta/data/templates/web wget http://c.vestacp.com/0.9.8/rhel/force-https/nginx.tar.gz tar -xzvf nginx.tar.gz rm -f nginx.tar.gz
Step 2:Set proxy template to force-https
- Create a new preset, or in an existing preset, set force-https as the Nginx proxy template.
- When adding new users, you can use the force-https template to assign permissions to users of the preset scheme.
HTTP is automatically redirected to HTTPS
How does VestaCP redirect HTTP to HTTPS using htaccess?
Do you want to automatically redirect your website to a secure (HTTPS) version of your website for encryption?
In the .htaccess file, add the following 301 redirect syntax▼
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]- The "L" in the above [R,L] means Last (Last), if other grammars also have this L, http cannot be automatically redirected to https.
- Therefore, it is recommended to redirect http301 to https syntax at the top (before other syntaxes).
If you want to add secure SSL certificates to your other domains in the VestaCP control panel, please check out this tutorial ▼
Hope Chen Weiliang Blog ( https://www.chenweiliang.com/ ) shared "VestaCP background port 8083 https is invalid?Install SSL Certificate Tutorial" to help you.
Welcome to share the link of this article:https://www.chenweiliang.com/cwl-705.html
Welcome to the Telegram channel of Chen Weiliang's blog to get the latest updates!
📚 This guide contains huge value, 🌟This is a rare opportunity, don’t miss it! ⏰⌛💨
Share and like if you like!
Your sharing and likes are our continuous motivation!