Do you know that Virtualizor install Let’s Encrypt is a sure-shot way of securing panel?
Virtualizor panel makes container management rather easy.
However, the steps for SSL install can be confusing.
At Bobcares, we often receive requests to install certificates as part of our Server Management Services.
Today, let’s discuss the easiest steps used by our Support Engineers to install it for the customers.
Why Virtualizor install Let’s Encrypt
As we all know, Virtualizor is a powerful web-based control panel. It helps the user to manage the VPS on servers with a single click.
And, when talking about Let’s Encrypt, it is a free, automated, and open Certificate Authority. It issues certificates for the domain names for free after domain name verification.
Virtualizor integrated the Let’s Encrypt feature from its version 2.8.8. And, this helps the users to manage the certificates for the domain names from the Virtualizor Admin panel.
Let’s now see how our Support Engineers easily install it for our customers.
How we install Let’s Encrypt?
Firstly, we access the Let’s Encrypt certificate Management from Virtualizor admin panel under SSL Settings >> LetsEncrypt.
To manage the certificate request for the domain, Virtualizor needs specific information. So, we need to fill up a configuration form that appears when we click on the “Install Certificate” button.
It includes information like Primary Domain, Contact Email, Key Size, Renew Days and so on.
The email address used by Let’s Encrypt CA for communication will be the one that we provide in this form.
And, the key size will be the domain’s certificate private keys length. Also, in renew days we specify the number of days after which the domain certificate issued should get auto-renewed.
Finally, after filling and saving the certificate configurations, we will be able to manage the certificates from the Virtualizor. The panel will be accessible at the secure URL https://Your-Server-IP:4083/ or https://Your-Server-IP:4085/
Common errors
Though the install of LetsEncrypt appears pretty straight-forward, users often end up in certain errors while securing Virtualizor panel. Let’s now check how our Dedicated Engineers deal with them.
1. Verification failure
Recently, one of our customers approached us with an error during LetsEncrypt installation. When he tried to install LetsEncrypt on his server via Virtualizor panel, he got the below error,
Error getting validation dataWhen installing a certificate from Let’s Encrypt, they will validate the domain names in that certificate using “challenges,” as defined by the ACME standard. This involves the HTTP-01 challenge or the DNS-01 challenge.
Upon checking, our Support Engineers found that there was no web server running on port 80 on the node. So, the verification failed with the HTTP-01 challenge on port 80.
Therefore, to resolve the error we manually perform the DNS challenge verification method. For that, we added a TXT record in the DNS records of the domain. Then we proceeded with the SSL install.
[root@nsxxxletsencrypt]# ./certbot-auto -d abc.domain.com --manual --preferred-challenges dns certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for abc.domain.com
2. Firewall Restrictions
Sometimes, even after installing the SSL certificate, we will get connection errors while accessing the Virtualizor panel. This happens mostly because of firewall restrictions.
Virtualizor panel will be accessed securely via port 4083 or 4085. If these ports are not open, then it shows connection errors. Therefore, we make sure to open the relevant ports in the firewall of the node too.
[Need more assistance to secure Virtualizor panel?- We’re available 24/7.]
Conclusion
In short, we install Let’s Encrypt in Virtualizor to secure the Virtualizor Admin panel. It also allows managing the certificates for the domain names. In today’s writeup, we discussed how our Support Engineers install it easily for our customers.
0 Comments