[size=medium]Howto test i-MSCP installer for SSL (Git master)[/size]
1. Create needed directories
2. Create your private key and request for SSL certificate
- # openssl genrsa 2048 > /root/ssl/private.key# openssl req -new -key /root/ssl/private.key > /root/ssl/request.csrCountry Name (2 letter code) [AU]:FRState or Province Name (full name) [Some-State]:FRANCELocality Name (eg, city) []:EssonOrganization Name (eg, company) [Internet Widgits Pty Ltd]:i-MSCPOrganizational Unit Name (eg, section) []:DevelopmentCommon Name (eg, YOUR name) []:raring.nuxwin.comEmail Address []:l.declercq@nuxwin.com
No need to set any other extra attribute.
3. Create your CA
- # openssl genrsa -des3 2048 > /root/ssl/ca/ca.key# openssl req -new -x509 -days 365 -key /root/ssl/ca/ca.key > /root/ssl/ca/ca.crtCountry Name (2 letter code) [AU]:FRState or Province Name (full name) [Some-State]:FRANCELocality Name (eg, city) []:EssonOrganization Name (eg, company) [Internet Widgits Pty Ltd]:i-MSCPOrganizational Unit Name (eg, section) []:caCommon Name (eg, YOUR name) []:ca.nuxwin.comEmail Address []:l.declercq@nuxwin.com
4. Signing your certificate with your CA
Once it's done, you can test via i-MSCP (We assume that i-MSCP is already installed on your system):
1. Do you want to activate SSL for i-MSCP?
--> Select yes
2. Do you have an SSL certificate?
--> Select yes
3. Please selects your private key in next dialog.
--> Just say OK
4. Please enter the password for your private key if any:
--> Leave empty or enter your password if you have one
5. Select the private key (here /root/ssl/private.key) via the fselect box
6. Do you have an intermediate certificate (CA Bundle)?
--> Select yes
7. Select the intermediate certificate (here /root/ssl/ca/ca.crt) via the fselect box
8. Please selects your own certificate in next dialog.
--> Just say OK
9. Select the certificate (here /root/ssl/certificate.crt) via the fselect box
At this step, if all goes fine, you will see the next box where you are asked for the default access mode (http or https).
Note: In the sample above, no passphrase is set for the private key. To test with a protected private key, repeat the procedure but replace the first openssl command by:
