“Let’s Encrypt” certificate on sites hosted in Virtualmin Part 2

This post continues from part 1. If you are here, you have already generated a SSL/TLS certificate from Let’s Encrypt. If you need to generate a new certificate, look the the previous post.

As in the previous post, and for the purposes of the post : The generated certificate is copied to

/home/domainuser/ssl_certs

where, domainuser is the folder/user of the domain “mydomain.xyz”.

All that remains now, is to set the certificates to the domain. This can be performed easily with virtualmin. In virtualmin, go to your domain/virtual server. In the virtualmin panel, go to Edit Virtual Server. There, in Enabled features click the checkbox for SSL website enabled? and enable it, if it is not already.

Once, SSL is enabled, go to Server Configuration->Manage SSL Certificate.

In the Manage SSL Certificate panel, go to tab Update Certificate and Key. In the panel, in Signed SSL Certificate part, click on the radio button beside File on server and enter the location to the cert.pem file, which would be

/home/domainuser/ssl_certs/cert.pem.

Do the same for the Matching private key part, select File on server and enter the location to the privkey.pem file, which would be

/home/domainuser/ssl_certs/privkey.pem.

It would be similar to the image below:

After everything is set, click on Install Now, which will install the certificates to the selected domain. Now, go to the CA Certificate tab and select the In file on server radio button. Give the location to the fullchain.pem file, which would be:

/home/domainuser/ssl_certs/fullchain.pem

After all is done, click on Save Certificate to save the ssl certificate to the domain.

Now, if we open https://mydomain.xyz (https:// with your domain), it can be seen that ssl certificate was enabled and attached with the domain. Now to always open the domain with https, open the terminal/bash and go to

/home/domainuser/public_html

That is the web root of mydomain.xyz. In the web root, create a .htaccess file if not already created, or open of file if already created. The following command can both open or create a new file if required.

vi .htaccess

Once the vi editor opens, press i on the keyboard to insert texts and enter the following text.

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.mydomain.xyz/$1 [R,L]

Press the Esc button and press :wq to save the file and quit the editor. And that’s it, a let’s encrypt certificate is enabled for the selected domain and the domain will always open with https. Even if one enters http://mydomain.xyz, it will automatically open https://www.mydomain.xyz.

References :

  1. https://en.wikipedia.org/wiki/Let’s_Encrypt
  2. https://letsencrypt.org/
  3. https://www.virtualmin.com/

1 comment

Leave a Reply

Your email address will not be published. Required fields are marked *