These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for Setting Up SSL on the new forum.
I decided I'd like to encrypt all my sites and servers. I use Virtualmin for all of them and GoDaddy for all of my domains. I'm given free SSL. What would be the best course of action to start setting up SSL encryption on all of my sites?
Howdy,
Well, these two documents describe setting up SSL:
http://www.virtualmin.com/documentation/tutorial/how-to-add-an-ssl-certi...
http://www.virtualmin.com/documentation/tutorial/how-to-add-multidomain-...
The catch here though is that you need one public IP address per SSL certificate. So if you want one SSL cert per domain, that could be a lot of IP addresses depending on how many domains you have :-)
You can use wildcard certs and UCC certs, but the downside there is that you're sharing one certificate across several domains.... that usually only works if it's the same person who owns all the domains.
-Eric
Hey. I'm interested in using the other kinds of certs then because I'm the owner of all the domains and there are about 10 on each Virtualmin server. Also I messed up in the first post I don't use GoDaddy I use Namecheap.
Yup, those namecheap certs should work just fine.
So, it sounds like you may want to look into their wildcard and UCC certificates.
-Eric
Yes, in your case -- since all the domains are owned by you -- you can keep the SSL cert on your primary IP address.
-Eric
So if I do share them all they will all need to use the same organization name?
Yup! SSL certs can only have one Organization name.
That said, most people won't notice what you set that to :-)
-Eric
Ok I added the CSR to Namecheap and uploaded my PositiveSSL certificate but when I go to my site it doesn't use SSL. I added it to mw3spot.com and I made sure to check the use SSL box and save.
Howdy,
Your SSL cert looks good! You just have to access your site using https:// if you want it to use SSL.
-Eric
Can I redirect everything and switch all my embedded content or would that be difficult?
You could try putting a .htaccess file in your public_html folder, and put this in it:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://mw3spot.com/$1 [R,L]
I already have a .htaccess that came with the script:
Mod_security can interfere with uploading of content such as attachments. If you cannot attach files, remove the "#" from the lines below. SecFilterEngine Off SecFilterScanPOST OffErrorDocument 401 default ErrorDocument 403 default ErrorDocument 404 default ErrorDocument 500 default
RewriteEngine On
Where can I add it in?
Try putting those lines at the beginning of your .htaccess file.
-Eric
Hmmm doesn't look like it worked.
Looks like it worked now. Chrome shows a crossed out SSL though. I think I'll have to find and edit the stuff with http://.
I'll just leave it at that. Thanks a lot :).