b2evolution b2evolution

  • Sign in
  • Sign up
  • About
  • Downloads
  • Hosting
  • Docs
  • Support
  • Sign in
  • Sign up
  • Manuals Home
  • Latest Updates
 
  1. b2evolution CMS User Manual
  2. Operations Reference
  3. Security
  4. Using SSL

Using SSL

This page will be amended.

Getting an SSL certificate

There are a small amount of universally recognized SSL signing authorities.

However they have dozens of resellers who resell the same certificates cheaper as if you buy them from the source.

So shop around a little.

You may also buy the certificate directly from your hosting company, for convenience.

In many cases you only need a "DV" certificate which is certified to be issued to the owner of the domain (but which does not certify who the owner of the domain is).

Installing the certificate on the server

If you buy your certificate from you hosting company, then installation may be automatic.

Otherwise you will need to follow a procedure like this:

  • Generate a private key on your server
  • Generate a certificate signing request (CSR) based on that private key
  • Send this CSR to the signing authority
  • Get back a certificate
  • Install that certificate on your webserver
  • Tell Apache to use that certificate on SSL connection (port 443)
  • Restart Apache

If you see the warning:

[warn] _default_ VirtualHost overlap on port 443, the first has precedence

…when restarting apache you probably need to add NameVirtualHost *:443 to your /etc/apache2/ports.conf file (and restart apache again).

Testing the certificate

Before trying to use https with b2evolution, try to securely load a static image via https to validate that the certificate works.

For example try: https://your-awesome-domain.com/rsc/img/b2evolution8.png

Does the image appear with the SSL lock icon?

Enabling HTTPS for b2evolution

If you are switching all your site, change the Base URL ($baseurl).

If you need more granular control over what is going to be http or https, see Collection Base URL Panel.

Created by admin • Last edit by fplanque on 2020-06-09 00:24 • •

1 comment

Comment from: konkretor

Some information about SSL.

You can use https://letsencrypt.org/ to become a free ssl certificate for your root server.

Check your SSL Apache Settings with

https://www.ssllabs.com/ssltest/

You should have A in the test.

Tune your Apache SSL config

https://community.letsencrypt.org/t/howto-a-with-all-100-s-on-ssl-labs-test-using-apache2-4-read-warnings/2436

2017-06-07 @ 07:52

On this page

  • Getting an SSL certificate
  • Installing the certificate on the server
  • Testing the certificate
  • Enabling HTTPS for b2evolution

Search the Manual

Content Hierarchy

  • b2evolution CMS User Manual
  • User's Guide
  • Installation / Upgrade
  • Front-office Reference
  • Back-office Reference
  • Developer Reference
  • Operations Reference
    • Security
      • File Permissions
      • Using SSL
      • Exposing PHP Errors to Visitors
      • Crumbs (nonces)
      • mod_security
      • .htaccess Files
      • Brute force password attacks
      • How to change the location of admin.php
    • Fighting Spam
    • Performance
    • Using Multiple Domains
    • Intranet setup
    • LDAP Integration
    • Troubleshooting
    • Bundled Plugins
  • Advanced Topics
  • Glossary
  • Archives
Multiple blogs done right!

This online manual is powered by b2evolution CMS – A complete engine for your website.

About b2evolution

  • What is it?
  • Features
  • Getting Started
  • Screenshots
  • Online demo
  • Testimonials
  • Design philosophy
  • Free & open source
  • Terms of service

Downloads

  • Latest releases
  • Skins
  • Plugins
  • Language packs

About us

  • About us
  • Contact

Webhosting Guide

  • Web hosting blog
  • Best web hosting
  • Cheap web hosting
  • Green web hosting
  • Hosting with SSH
  • VPS hosting
  • Dedicated servers
  • Reseller hosting
  • Int'l: UK / France

Docs & Support

  • Online manual
  • Forums
  • Hire a pro !

Other

  • Adsense
  • Press room
  • Privacy policy

Stay in touch

  • GitHub
  • Twitter
  • Facebook
  • LinkedIn
  • News blog
  • RSS feed
  • Atom feed

Founded & Maintained by François Planque