In some cases, you may want to run a custom non Let’s Encrypt based SSL. Here’s the process to do that:
Although it is possible to set up a custom SSL in gridpane, please note that after the set up you cannot use the SSL toggle at all.
The process is manual and will require you to log into the terminal. (https://gridpane.zendesk.com/hc/en-us/articles/360033232852-Connect-to-a-GridPane-server-by-SSH-as-Root-user-)
Step 0. Toggle the SSL on to get a Let’s Encrypt SSL. This helps get the proper nginx vhost.
Step 1. Create the following folder if it does not exist:/etc/nginx/ssl/{site.url}
This is where your certificates are going to be stored
Step 2. You will need to edit your virtual host removing the /etc/letsencrypt lines and adding the following 2 lines:
ssl_certificate /etc/nginx/ssl/{site.url}/cert.pem
ssl_certificate_key /etc/nginx/ssl/{site.url}/key.pem
Your virtual server can be found at /etc/nginx/sites-available/{site.url}
If your custom certificates are in crt format, you will need to convert them:
openssl x509 -in /path/to/cert.crt -out /etc/nginx/ssl/{site.url}/cert.pem
And if you have a .key files you will need to convert it:
openssl rsa -in /path/to/key.key -out /etc/nginx/ssl/{site.url}/key.pem
Step 3. Check the syntax of Nginx conf files and then reload Nginx:
nginx-t
if ok then
gp ngx reload
Once more, after making these changes please do not toggle SSL, otherwise, you will have to repeat the above process.
