Howto test i-MSCP installer for SSL

  • [size=medium]Howto test i-MSCP installer for SSL (Git master)[/size]


    1. Create needed directories

    Code
    1. # mkdir -p /root/ssl/ca


    2. Create your private key and request for SSL certificate

    Code
    1. # openssl genrsa 2048 > /root/ssl/private.key# openssl req -new -key /root/ssl/private.key > /root/ssl/request.csrCountry Name (2 letter code) [AU]:FRState or Province Name (full name) [Some-State]:FRANCELocality Name (eg, city) []:EssonOrganization Name (eg, company) [Internet Widgits Pty Ltd]:i-MSCPOrganizational Unit Name (eg, section) []:DevelopmentCommon Name (eg, YOUR name) []:raring.nuxwin.comEmail Address []:[email protected]


    No need to set any other extra attribute.


    3. Create your CA

    Code
    1. # openssl genrsa -des3 2048 > /root/ssl/ca/ca.key# openssl req -new -x509 -days 365 -key /root/ssl/ca/ca.key > /root/ssl/ca/ca.crtCountry Name (2 letter code) [AU]:FRState or Province Name (full name) [Some-State]:FRANCELocality Name (eg, city) []:EssonOrganization Name (eg, company) [Internet Widgits Pty Ltd]:i-MSCPOrganizational Unit Name (eg, section) []:caCommon Name (eg, YOUR name) []:ca.nuxwin.comEmail Address []:[email protected]


    4. Signing your certificate with your CA

    Code
    1. openssl x509 -req -in /root/ssl/request.csr -out /root/ssl/certificate.crt \-CA /root/ssl/ca/ca.crt -CAkey /root/ssl/ca/ca.key -CAcreateserial -CAserial /root/ssl/ca/ca.srl


    Once it's done, you can test via i-MSCP (We assume that i-MSCP is already installed on your system):

    Code
    1. # perl imscp-autoinstall -dasr ssl


    1. Do you want to activate SSL for i-MSCP?
    --> Select yes
    2. Do you have an SSL certificate?
    --> Select yes
    3. Please selects your private key in next dialog.
    --> Just say OK
    4. Please enter the password for your private key if any:
    --> Leave empty or enter your password if you have one
    5. Select the private key (here /root/ssl/private.key) via the fselect box
    6. Do you have an intermediate certificate (CA Bundle)?
    --> Select yes
    7. Select the intermediate certificate (here /root/ssl/ca/ca.crt) via the fselect box
    8. Please selects your own certificate in next dialog.
    --> Just say OK
    9. Select the certificate (here /root/ssl/certificate.crt) via the fselect box


    At this step, if all goes fine, you will see the next box where you are asked for the default access mode (http or https).


    Note: In the sample above, no passphrase is set for the private key. To test with a protected private key, repeat the procedure but replace the first openssl command by:


    Code
    1. # openssl genrsa -des3 2048 > /root/ssl/private.key

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    Edited once, last by Nuxwin ().

  • Updated on 2013.08.15

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206