Okay, so this article was helpful. My cert is installed and I can get into the ISPConfig admin GUI okay with the EV SSL encryption.
However, I did NOT use ISPConfig's built in SSL cert generation/install for ISPConfig managed websites to create the CSR to send to COMODO. Instead, I followed COMODO's instructions for generating the CSR for my EV SSL certificate from the command line. The EV SSL that I installed per the instructions in this article is working with fine with the ISPConfig admin GUI, but it is not working for the site that I had configured inside of ISPConfig. How can I install this cert to work with my ISPConfig created website?
My main server FQDN is www.fullcolorenv.com
, the site that I set-up/configured in ISPConfig is also www.fullcolorenv.com
. Not sure if this is important, but there it is.
I attempted to install the COMODO provided crt and server generated key and csr files into my ISPConfig configured web account's 'ssl' directory, but after I do this and restart ISPConfig, when I attempt to go to https://www.fullcolorenv.com
, I am getting messages that the site is not trusted because the certificate appears to be self signed. I notice that there is a key.org file in that directory too, what is this file? I tried installing the ca-bundle that I received from COMODO in my site's ssl folder as the key.org file, but that didn't do anything either.
I have gone into the Vhost config file found in /etc/apache2/vhosts and made sure that the ssl directives are pointing to the appropriate files, I added the SSLCACertificateFile directive and pointed it to the ca-bundle that I copied into my site's ssl directory. Still, I get the "untrusted" message.
I then just outright pointed those directives to where I installed the certificate using the instructions in the post above, and this time I can see a page, but there is a alert message that some items on the page are not encrypted. So I feel that I am close, but I want the site as ISPConfig created it, to work like ISPConfig expects it too....