DigitalOcean Kubernetes: new control plane is faster and free, enable HA for 99.95% uptime SLA

Question

Install SSL certificate manually on serverpilot

  • Posted on February 6, 2015
  • dacevedoAsked by dacevedo

Hi, do guys know if is possible to install a SSL certificate on serverpilot but no by the panel? I mean, i have the free plan so that option is not available. Can i do it by my self?

Show comments
Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Sign up now

Nikhil SharmaMarch 24, 2015

Answering here in case others are searching for a solution:

ServerPilot uses Nginx as the public facing web server and proxies the requests to Apache. So, we have to add our SSL configuration to Nginx.

Steps:

Login to the server using SSH

Create a directory to hold the certificate and key files.

cd /home
mkdir -p certs/domain_name

Copy the certificate (.crt) and private (.key) files to this directory. Replace domain_name with your domain name.

Add custom SSL configuration here:

cd /etc/nginx-sp/vhosts.d
nano APP_NAME.ssl.conf

Replace APP_NAME with your actual app name (website). Put this inside the file APP_NAME.ssl.conf:

###############################################################################
# Install SSL Certificate
###############################################################################

server {
    listen       443 ssl;
    listen       [::]:443 ssl;
    server_name
        www.DOMAIN.com
        DOMAIN.com
      ;

    ssl_certificate /home/certs/domain_name/certificate_file.crt;
    ssl_certificate_key /home/certs/domain_name/privatekey_file.key;

    root   /srv/users/serverpilot/apps/APP_NAME/public;

    access_log  /srv/users/serverpilot/log/APP_NAME/APP_NAME_nginx.access.log  main;
    error_log  /srv/users/serverpilot/log/APP_NAME/APP_NAME_nginx.error.log;

    proxy_set_header    Host              $host;
    proxy_set_header    X-Real-IP         $remote_addr;
    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;

    include /etc/nginx-sp/vhosts.d/APP_NAME.d/*.nonssl_conf;
    include /etc/nginx-sp/vhosts.d/APP_NAME.d/*.conf;
}

As usual, replace APP_NAME, domain_name, certificate_file and privatekey_file with your own values.

Restart Nginx

service nginx-sp restart

That’s it. The SSL certificate is installed.

Shalin TJFebruary 21, 2016

I recently wrote a detailed tutorial for it… The actual SSL installation and configuration on ServerPilot will take less than 10 minutes. You can check it out over here:

https://www.blogmehow.com/how-to-manually-install-ssl-on-serverpilot-free-plan-1331/

Let me know if it helps…

reganJuly 21, 2015

NikhilSharma thanks heaps!!

Here’s the final .ssl.conf file with the changes incorporated from the comments above.

server {
listen 443 ssl;
listen [::]:443 ssl;
server_name
www.DOMAIN.com
DOMAIN.com
;

ssl on;

ssl_certificate /home/certs/domain_name/certificate_file.crt;
ssl_certificate_key /home/certs/domain_name/privatekey_file.key;

root   /srv/users/serverpilot/apps/APP_NAME/public;

access_log  /srv/users/serverpilot/log/APP_NAME/APP_NAME_nginx.access.log  main;
error_log  /srv/users/serverpilot/log/APP_NAME/APP_NAME_nginx.error.log;

proxy_set_header    Host              $host;
proxy_set_header    X-Real-IP         $remote_addr;
proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
proxy_set_header    X-Forwarded-SSL on;
proxy_set_header    X-Forwarded-Proto $scheme;

include /etc/nginx-sp/vhosts.d/APP_NAME.d/*.nonssl_conf;
include /etc/nginx-sp/vhosts.d/APP_NAME.d/*.conf;
}

Make sure you replace APP_NAME, domain_name, certificate_file and privatekey_file with your own values.

If your paths are incorrect you will either get an error when your restart Nginx or a 403 error when you visit your website.

Restart Nginx

service nginx-sp restart

Try DigitalOcean for free

Click below to sign up and get $100 of credit to try our products over 60 days!

Sign up