Home » Wiki » How to Install an SSL Certificate on Sentora?

How to Install an SSL Certificate on Sentora?

by | SSL Installation Guides

How to Install an SSL Certificate on Sentora

Installing SSL Certificate on Sentora Control Panel

To install an SSL certificate on Sentora, first purchase your certificate from a trusted certificate authority like Let’s Encrypt or Sectigo. Then upload the certificate files to your Sentora panel under Security > SSL Certificates. Select your domain name, choose the certificate type as PEM, and upload the certificate, private key, and CA bundle or intermediate certificates.

Finally, edit your domain under Domains > Manage Domains, check the option for HTTPS/SSL, select your uploaded certificate for the domain, and save changes. This will activate HTTPS and SSL on your Sentora control panel and websites. Be sure to adjust any references to HTTP URLs in scripts, databases, and applications to use the new HTTPS URLs after installing the SSL certificate in Sentora.

In this comprehensive guide, we will walk through the entire process of installing an SSL certificate on Sentora, from purchasing the certificate to properly configuring the panel.

Prerequisites Before Installing SSL Certificate on Sentora

Before starting, make sure you have the following:

  • Access your Sentora control panel as an administrator.
  • A registered domain name pointed to your Sentora server.
  • An SSL certificate file from a trusted Certificate Authority (CA) like Comodo, GoDaddy, Digicert, etc. This usually has a .crt extension.
  • The intermediate certificate bundle from the CA if provided. This usually has a .cab extension.
  • The SSL certificate’s private key. This has a .key extension and is crucial for installing the certificate.

If you don’t have an SSL certificate yet, you will need to purchase one prior to following this guide. Make sure to go for a standard domain validation certificate and not a wild card or multi-domain cert.

A Step-by-Step Guide to Install SSL Certificate on Sentora

Installing SSL certificate on Sentora involves a few key steps:

Step 1 – Upload the SSL Certificate and Key

  • Log in to your Sentora control panel.
  • Go to SSL Certificates under the Advanced section in the left sidebar.
  • Click on Add SSL Certificate on this page.
  • In the new page that opens, fill in the following:
  • Domain – Enter your registered domain name for which you have the SSL certificate.
  • Certificate file – Upload the .crt file you received from the SSL provider.
  • Certificate key file – Upload the .key file.
  • Certificate Authority Bundle – If your provider gave a .cab file, upload it here. Otherwise leave it blank.
  • Alternative names – If your cert has Subject Alternative Names (SAN), enter them separated by commas. Otherwise leave it blank.
  • Click Add SSL Certificate at the bottom to upload the files.

The certificate and key will now be installed and listed on the SSL Certificates page.

Step 2 – Configure Apache to Use SSL

Now that the SSL certificate is uploaded to Sentora, we need to configure Apache web server to actually use it.

  • Go to Apache Settings under Advanced in the sidebar.
  • Under Apache Configuration Edit, scroll down and find the <VirtualHost *:80> section.
  • Just below this section, add the following lines:
<virtualhost :443="">
ServerName yourdomain.com
DocumentRoot "/home/user/public_html"
SSLEngine On 
SSLCertificateFile /home/sentora/panel/config/ssl/yourdomain.crt
SSLCertificateKeyFile /home/sentora/panel/config/ssl/yourdomain.key
<ifmodule mod_headers="" c="">
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS
</ifmodule>
</virtualhost>

Replace yourdomain.com with your actual registered domain. Also make sure the certificate file path and key file path correctly point to the .crt and .key files you uploaded earlier.

  • Click Save at the bottom to save the updated Apache configuration.

These additions enable SSL and instruct Apache to use the installed certificate and key for HTTPS connections.

Step 3 – Redirect HTTP to HTTPS

At this point, your website should already be HTTPS enabled. However we need to redirect all HTTP requests to HTTPS to avoid duplicate content issues.

To do this:

  • Go to Apache Settings in Sentora again.
  • Under the <VirtualHost *:80> section, add the following lines before the closing tag:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  • Click Save to save the Apache configuration changes.

This will redirect all HTTP traffic to the HTTPS version of the site.

Step 4 – Change Base URLs to HTTPS

The final step is to change the base URLs in Sentora to use HTTPS so there are no mixed content warnings.

  • Go to General Settings under Preferences in the sidebar.
  • Change the following settings:
  • Panel URL – Change to use https://
  • Post URL – Change to use https://
  • Click Save Changes at the bottom.

This will update Sentora to use secure HTTPS URLs by default.

And that’s it! Your Sentora control panel should now have a valid SSL certificate installed and enabled. Test it out by visiting your site over HTTPS and verifying the padlock icon and security certificate.

Troubleshooting Issues

If you followed all the steps but are still facing issues with enabling HTTPS or SSL errors, here are some things to check:

  • Make sure your domain name resolves correctly to your Sentora server’s IP address. This is required for SSL certificates to work.
  • Double check that the certificate files uploaded to Sentora match the private key file. SSL will fail to activate if there is a mismatch.
  • Verify that the certificate file paths provided in the Apache configuration are correct and point to the actual .crt and .key files.
  • Check for typos in the <VirtualHost> settings for port 443. The slightest error here can prevent SSL from working.
  • Try restarting Apache after making any changes to the configuration file.
  • Verify that your firewall, hosting provider or server configuration is not blocking port 443 which is used for HTTPS.
  • Make sure your SSL certificate is still valid and not expired. Expired certs will cause browser security errors.
  • Try a different browser if one browser shows certificate errors while another doesn’t. Browsers maintain their own certificate trust stores.
  • Seek assistance from your hosting provider’s support team if you cannot resolve the problem. They may help identify and fix any server-level issues.

Following these troubleshooting tips carefully should help identify and resolve any problems in getting SSL working on your Sentora installation.

Conclusion on Install SSL Certificate on Sentora

Installing an SSL certificate allows you to enable HTTPS, provide secure connectivity, gain your visitors’ trust, and get a ranking boost from Google. By following this comprehensive guide, you can easily add SSL encryption to your Sentora-powered website.

The process involves purchasing the certificate, uploading it to Sentora, configuring Apache correctly, forcing HTTPS redirection, and updating base URLs. Some troubleshooting may be needed if you run into problems. But once set up properly, the SSL certificate will securely encrypt all connections to your website.

Frequently Asked Questions on Install SSL Certificate on Sentora

Here are some common questions related to installing SSL certificates on Sentora:

Do I need a dedicated IP address for SSL?

No, you can install SSL certificates on Sentora even with a shared IP address.

What is the process of renewing an SSL certificate on Sentora when it expires?

Simply upload the renewed certificate and key files, modify the file paths if needed, and restart Apache. The process remains the same as the initial installation.

How do I uninstall an SSL certificate from Sentora?

On the SSL Certificates page, click the red X icon for the certificate you want to remove. Then restart Apache.

Can I have multiple SSL certificates for different domains on one Sentora instance?

Yes, Sentora allows installing unlimited SSL certificates for all your domains. The process has to be repeated for each additional certificate.

Is a wild card certificate better or a dedicated certificate for each domain?

For most cases, individual certificates for each domain you need secured are better. Wild card certificates become complex to manage for multiple sites.

What is an SSL certificate chain bundle, and do I need it?

The SSL certificate chain completes the trust chain between your certificate and root certificate authority. Providing the .cab bundle prevents trust errors but isn’t mandatory.

Is Extended Validation (EV) SSL needed or is a simple DV certificate enough?

For most websites, a basic DV certificate provides sufficient encryption. EV certificates provide extra validation and legal assurance but cost a lot more.

What cipher suites should I use for my SSL certificate?

Stronger cipher suites like AES256 or AES128 are recommended for optimal security. Weak ciphers like DES, 3DES, or RC4 should be avoided when possible.