Back to Home

Free SSL for CP Vesta - easy. And SSL for Laravel

ssl certificates · vesta · laravel

Free SSL for CP Vesta - easy. And SSL for Laravel

Hello friends. I don’t tell anyone the secret that the work of sites via https protocol is becoming not just the norm, but already a prerequisite. But so many sites still continue to work through an insecure http protocol. However, a large number of site owners are already considering switching to SSL. When searching for information on how to obtain a security certificate, resource owners face a number of difficulties. This is the choice of the type of certificate, price, the need for complex registration, proof of identity and more. It repels many, inexperienced users, pushing the switch to a secure protocol to the back burner. But there is a way! Simple, free and fast.

In a specific case, I will tell you how to get and configure an SSL certificate from an excellent Let's Encrypt project for the Vesta control panel for free. I assume that you have Git installed and you are using CP Vesta. If Git is not installed, then you need to install it. I execute all commands under the CentOS 6.x system. For other assemblies, the essence does not change.

For maximum convenience, you can create a bash script, which can be called, for example, ssl.sh:

#!/bin/bash
# How to Install Let’s Encrypt Certificate on VestaCP
USERNAME = 'username'
DOMAIN = 'mydomain.com'
# Go to folder
cd /usr/local
# Clone git repositories
git clone https://github.com/letsencrypt/letsencrypt.git
git clone https://github.com/interbrite/letsencrypt-vesta.git
git clone https://github.com/certbot/certbot.git
# Create the “webroot” directory where Let’s Encrypt will write the files needed for domain verification.
mkdir -p /etc/letsencrypt/webroot
# Now also symlink the Apache conf file in your Apache conf.d directory.
ln -s /usr/local/letsencrypt-vesta/letsencrypt.conf /etc/httpd/conf.d/letsencrypt.conf
# Symlink letsencrypt-auto and letsencrypt-vesta in /usr/local/bin for easier access. 
ln -s /usr/local/letsencrypt/letsencrypt-auto /usr/local/bin/letsencrypt-auto
ln -s /usr/local/letsencrypt-vesta/letsencrypt-vesta /usr/local/bin/letsencrypt-vesta
# Restart server
service httpd restart
# Install at
yum install at
# Command for get SSL certificate and automatic Renewals every 60 days
letsencrypt-vesta -a 60 $USERNAME $DOMAIN

A few words of explanation. In the USERNAME variable, you must specify the user for whom the certificate will be received. For Vesta, the default is admin. DOMAIN is the domain variable for which you want to receive a certificate. You need to specify a bare host, for example, site.com

Further everything goes like clockwork. There will be a transition to the directory necessary for installation, repositories from github will be cloned. A directory will be created to store the configuration files. After that, config links will be created and the Apache server will be restarted.

After the server is restarted, a request will be made to the Let's Encrypt server to generate and obtain a certificate for a specific user and domain. All certificates and configs will be created for Vesta completely automatically, and the site in the settings will be marked as supporting SSL.

If your user name is admin, then the certificates for the domain you specified will be copied to the directory / home / admin / conf / web, plus two additional configs will appear: shttpd.conf and snginx.conf. The first for Apache, the second for Nginx. If you need to correct the paths for your root directory, then this can be done in these configs, since the paths will be registered by default to public_html.

So, go ssh to your server as root. Create a script or simply enter commands manually. If you created a script, then do not forget to put execution rights - 755. Run the script and voila. Your site already has a certificate. All that remains is to do a 301 redirect from http to https.

The certificate will be valid only 90 days. Therefore, the last lines in the script make it possible to receive a new certificate every 60 days in automatic mode.

If you use the Laravel 5.3 framework, then you will encounter the difficulty that all your images and links do not work through https, but continue to use the http protocol. What the error will immediately be shown to the user.

There is a simple and elegant solution to solve this problem. You just need to "force" the links in AppServiceProvider.php:

    public function boot()
    {
        // If production site.
        if (env('APP_ENV') === 'production') {
            // Change all links to https.
            \URL::forceSchema('https');
        }
    }


The essence of forcing is to automatically replace all links to a new protocol, as can be seen from the code.

That's all. If you want to do this trick for your various sites, then just change the domain in the script to the one you need.

What do we have in the finale? Running one script with one line: sh ssl.sh And your site is already working on a secure protocol, without any unnecessary headache. Good luck to all.

Read Next