Free SSL for SugarCRM and other websites
Why SSL is must for SugarCRM ? SugarCRM or any other crm store vital information about Customer, leaking this data to hacker can pose a very serious problem for Companies. To avoid this best way to secure your website is setup a SSL for SugarCRM instance and domain, This article explains how to setup Free SSL for SugarCRM. How to Setup Free SSL for SugarCRM Using following steps it is very easy to get Free SSL for SugarCRM and other websites: 1) Go to Website https://www.sslforfree.com/ SSL for Free uses Let’s Encrypt, It’s a free and open Certificate Authority. 2) Enter your website URL and click Create Free SSL Certificate 3) Click on Manual Verification, Then on Manually Verify Domain 4) Download verification file by clicking on given link 5) Upload verification files to server We can upload to home directory of user using WinSCP then copy to .well-known/acme-challenge directory using Putty (or similar utility) We can do this by following commands: cd /var/www/html/blogs/techaroha_wordpress/techaroha/Application/crm sudo mkdir .well-known sudo mkdir .well-known/acme-challenge cd .well-known/acme-challenge sudo cp /home/ubuntu/8KwHBt7R-Hj_ajYy8KdrVMjO7hmDaEgEcWbwkywvBCQ ./ sudo cp /home/ubuntu/P0yc76hR-l7KAoTf84LzoYVgf1d8XPTgPsSsMnZjzdw ./ 6) You can check verification files are properly uploaded by clicking on given links If it shows error like file not found check that you have uploaded to proper directory and directory is accessible 7) If file verification links works properly click Download SSL Certificate 8) Now Click Download All SSL Certificate Files to download all certificate files in a zip package 9) Now Copy certificates to /etc/ssl/certs in your server You can copy and save certificate files individually directly to server using these command cd /etc/ssl/certs sudo mkdir www.techaroha.com cd www.techaroha.com sudo vim www.techaroha.com.crt (press i and paste certificate content, press esc key, then :wq to save) sudo vim www.techaroha.com.key (press i and paste Private Key content, press esc key, then :wq to save) sudo vim www.techaroha.com.ca-bundle (press i and paste CA Bundle content, press esc key, then :wq to save) To generate CSR from certificate use following command sudo openssl x509 -in yourDomainName.crt -signkey yourDomainName.key -out yourDomainName.csr 10) Configure apache to use ssl Edit your websites apache config file using following commands cd /etc/apache2/sites-avilability sudo vim techaroha.conf ( add these lines and make appropriate changes and save) <VirtualHost *:443>ServerName www.techaroha.comServerAdmin webmaster@techaroha.comServerAlias www.techaroha.comDocumentRoot /var/www/html/blogs/techaroha_wordpress/techaroha/Application/crmErrorLog ${APACHE_LOG_DIR}/error.logCustomLog ${APACHE_LOG_DIR}/access.log combinedSSLEngine onSSLCertificateKeyFile /etc/ssl/certs/www.techaroha.com/www.techaroha.com.keySSLCertificateFile /etc/ssl/certs/www.techaroha.com/www.techaroha.com.crtSSLCertificateChainFile /etc/ssl/certs/www.techaroha.com/www.techaroha.com.ca-bundle</VirtualHost> Enable ssl and restart apache service sudo a2enmod ssl sudo service apache2 restart Now Visit http://52.66.6.159/testblog and check if there is any certificate error. If you want your website to force https you have to make change in .htaccess RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ http://52.66.6.159/testblog/$1 [R,L] (add above lines to existing .htaccess file in your public directory or create a new file) Enable mod rewrite and restart apache service sudo a2enmod rewrite sudo service apache2 restart visit http://52.66.6.159/testblog and test it should redirect to http://52.66.6.159/testblog,If you need any help you can always contact here