This guide is useful if you're using HostBill Multi-Brand module on HostBill Enterprise install. This guide assumes you're familiar with linux file editors (like vim or nano).
| Info | ||
|---|---|---|
| ||
Replace any occurence occurrence of yourbrand.com below with hostname you're adding |
Issuing CSR / private key for new certificate:
Lets first create dir to store certificate requests and private keys:Code Block mkdir /etc/ssl/certificates cd /etc/ssl/certificates/
Next, we'll issue CSR for new host, you will be prompted with a series of questions, answer them (when asked about passphrase you can leave it blank):
Code Block openssl req -new -newkey rsa:2048 -nodes -keyout yourbrand.com.key -out youtbrand.com.csr
Issue SSL certificate
Use generated CSR with your SSL Certificates reseller to generate certificate. Once ready, paste its contents to:Code Block /etc/ssl/certificates/yourbrand.com.crt
Placing your site certificate at top of said file, followed by Intermediate certificate (if any)Adding new vhost (server block) to nginx:
Make a copy /etc/nginx/conf.d/main.conf file:Code Block cp /etc/nginx/conf.d/main.conf /etc/nginx/conf.d/yourbrand.com.confUpdate ssl_certificate* and server_name blocks in /etc/nginx/conf.d/yourbrand.com.conf file:
Code Block include /etc/nginx/upstreams/*.conf; server { listen 80; server_tokens off; return 301 https://$host$request_uri; } server { listen 443 ssl; server_name yourbrand.com www.yourbrand.com; server_tokens off; charset utf-8; sendfile on; tcp_nopush on; tcp_nodelay off; reset_timedout_connection on; location ~* ^.+\.(jpg|gif|png|css|js|swf|ico)$ { access_log off; log_not_found off; expires 1y; } include /etc/nginx/ssl.conf; include /etc/nginx/locations/*.conf; ssl_certificate /etc/ssl/certificates/yourbrand.com.crt; ssl_certificate_key /etc/ssl/certificates/yourbrand.com.key; }