I have a running nethserver 7.7.1908 with all the usual RoundCube webmail, html dashboards, etc, but in addition, I have a phpBB3 forum running under /var/log/html, and a second website (different FQDN) running in a virtual host. Things seem to be running pretty well, but now I want to use a Let’sencrypt certificate, because my users are unhappy with the warnings they are seeing.
I’ve Googled around and found lots of partial answere, but what I’d like is a howto that walks a complete certificate novice through the process, as safely as possible because I can’t afford to get this wrong on a live production system.
Thanks for the help guys, that worked perfectly! Only thing I need to check with you is: do I need to do anything special for the additional website on the virtual host except edit the host to use the certificate…? It all seens to easy!
I browsed to the URL of the website on the Virtual Host, and its fine on http (of course). The I browsed using https, and got a warning:
"Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for www.(virtualhost sitename).org. The certificate is only valid for www.(basehost sitename).net.
Error code: SSL_ERROR_BAD_CERT_DOMAIN
View Certificate"
I looked at the certificate, and it the right one for the main site so the error is not surprising, the virtual hosted site is trying to use the real hosted site’s certificate, and that is breaking security.
However, when I go to the virtual hosted enrty in the GUI, I only have the choice of the default platform certificate, or the one loaded from LetsEncrypt for the main site, so I went to the “Certificate” page and attempted to request a certificate for the virtual-hosted website and got the error:
Cancel that last question! I was using a wildcard @.(sitename).org DNS entry. I added a DNS entry for www.(sitename).org, and was able to get a certificate. Assigned that to the site, and all is well