Joined: 22 Jun 2010
|Posted: Thu Jan 14, 2021 1:45 am Post subject: SSL certs made easy with ZeroSSL!
Here to contribute another guide for those who may be interested in implementing SSL on their web server in a straightforward way.
All this will require is your running AAWS (Aprelium Abyss Web Server) with some imported certificates which are generated by ZeroSSL and confirmed via your domain name DNS records.
To begin, create an account at ZeroSSL: https://zerossl.com/
This account is free, although they offer a paid service for more convenience and less limitations. The free account will do fine for one or two domain names hosted on your server. I am using AAWS V2 (the paid version) but this process should still work for v1 if you only need one host for one domain.
Please note that this method does not work for domains that are setup to be inside of an invisible frame (IP forwarded domain names).
The free certificate will need to be manually renew every 90 days, but the process is simple enough that it only takes a moment of your time.
How to issue new certification via ZeroSSL and validate on your Domain Name Service via CNAME dns record
Create a new certificate on ZeroSSL, when it asks how you want to authenticate, set it to DNS record which will generate some information, simply follow the instructions provided by ZeroSSL to input that data into your Domain Name DNS Records. After verifying your control of the domain via CName DNS records, you may move on to the next step.
How to implement the certificate you generated into your Aprelium Abyss Web Server
Download the [default] certificate .zip provided by ZeroSSL.
Open Aprelium Abyss Web Server admin console, navigate to SSL Certificates.
Add the private key that is in the zip downloaded from ZeroSSL into the private keys section.
Simply click add, name the key for reference, select 'import' in the action drop down box, open the contents of the provided certification you downloaded and paste into the input box and click ok.
In the 'Certificate Store' area, click add, set a name you can recognize for reference and select the private key you just made in the private key drop down box.
Paste the contents of the Certificate file you downloaded from ZeroSSL into the Certificate-Store - Main Certificate box and into the CA Root Certificate box.
Paste the contents of the CA_bundle file in the zip you downloaded into the intermediate box, Click Ok.
Navigate into your Host configuration > General section. Set your server to HTTP+HTTPS. Set your certificate type to 'From the certificate store'. Make sure you have the ports forwarded on your router and OS firewall (80 and 443, or whatever you want to use).
Done. Restart the server.
If there are any issues with this guide or you need more information or run into an issue I didn't cover, please post in the thread.