Easy Instructions install Lets Encrypt for Zpanel / Sentora

These instructions work for Zpanel on Centos 6.
Requires replacing the contents of ssl.conf.
The contents of the example file were from an old openssl tutorial I found and modified it to fit.
I am not, but there are many experts here they may like to help with the fine tuning of the ssl.conf file.

Zpanel has been renamed to Sentora.
(So change the words to fit your panel and your domain/s)

  1. READ the entire contents of this post before you start.
    You will need to know how to restart apache eg service httpd restart

  2. Find the username for yourdomain/s.com
    cd /var/zpanel/hostdata
    the path format is
    /var/zpanel/hostdata/username/public_html/yourdomain_com
    NOTE: the end of the path is yourdomain_com not yourdomain.com

  3. Install the certificates
    using certbot-auto certonly
    follow the directions and enter the path from step 2.

  4. Make a backup of ssl.conf
    cp -a /etc/httpd/conf.d/ssl.conf ssl.conf.backup

  5. Open ssl.conf
    nano /etc/httpd/conf.d/ssl.conf
    delete everything in the file and paste the below into the file.
    replace the username and yourdomain.com with your details.
    (then goto step 5 below)

###############copy from here
LoadModule ssl_module modules/mod_ssl.so

Listen 443

NameVirtualHost *:443

SSLPassPhraseDialog  builtin
SSLSessionCacheTimeout  300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
SSLStrictSNIVHostCheck off

<VirtualHost *:443>
DocumentRoot /var/zpanel/hostdata/zadmin/public_html/yourdomain_com
ServerName yourdomain.com
ServerAlias yourdomain.com www.yourdomain.com
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.com/chain.pem
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

<VirtualHost *:443>
DocumentRoot /var/zpanel/hostdata/username/public_html/yourdomain2_com
ServerName yourdomain2.com
ServerAlias yourdomain2.com www.yourdomain2.com
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.com/chain.pem
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

<VirtualHost *:443>
DocumentRoot /var/zpanel/hostdata/username/public_html/anotherdomain_com
ServerName anotherdomain.com
ServerAlias anotherdomain.com www.anotherdomain.com
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/letsencrypt/live/anotherdomain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/anotherdomain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/anotherdomain.com/chain.pem
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
################# end copy here
  1. Restart Apache
    Apache should restart
    If not it will be a syntax error. Check the contents of ssl.conf.

I have one certificate with a few child domains and another certificate with a single domain.
All working beautifully,

Thankyou letsEncrypt.
Lets Encrypt the Web…

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.