UPDATE: having issues with firefox (Error code: sec_error_unknown_issuer)
- - i used “Server Certificate Bundle with CRLs (PEM encoded)” – the third option – problem now fails on StartSSL test, but at least firefox is working.
================
0) disable SSLv3 in the following:
/etc/httpd/conf.d/ssl.conf
/etc/httpd/conf/httpd.conf
SSLProtocol all -SSLv2 -SSLv3 ## add SSLv3
These instructions are written from this.
1) get certificate, i started with StartSSL (free) and might try Comodo instead ($10 a year)
2) log into virtualmin,
- – 2a) edit virtual server
- – 2b) enabled features (last option)
- – 2c) check “ SSL website enabled?”
3) Server Configuration
- – 3b) Manage SSL Certificate
- – 3c) Create Signing Request (second tab)
- – 3d) fill out page and “generate CSR now” button
- – 3e) click-COPY the generated stuff
4) take copy stuff and go to the certificate company website, enter stuff from step 3e
- – 4b) website should generate certificate
5) back to “Server Configuration”
- – 5b) last tab “Update Certificate and Key” – enter key from previous step
TESTING:
https://www.geocerts.com/ssl_checker
ssllabs.com
https://www.digicert.com/help/
