If you have a top level domain, or have purchased a subdomain via the DNS Service provided by QuickBox, you may want to install an SSL certificate. This has a couple of advantages.
- Rid yourself of the nag screens browsers produce from self-signed ssl certificates
- Secure connections via authenticated SSL certificates
Before continuing, please ensure that you have followed the steps below for adding your domain.
To update your dashboard to make use of your domain, do the following in ssh (Does not need http:// in ssh):
sudo su - qb fix siteroot DOMAIN.HERE
You can also add your domain to your dashboard directly via the GUI on the General Settings Page in the Site Root field. Ensure to always include the trailing forward slash (
/) after your domain, ie; (
http://domain.com/). More info on the General Settings can be found in the General Settings Knowledge Base Article.
In most cases, upon successful install of QuickBox, you will encounter a screen informing you that the page you are visiting is not secure and has an invalid SSL certificate. This is due to the self-signed certificates that are installed by default on the installation of QuickBox. Self-signed certificates still have the benefit of encrypting your connections over https. This does not mean your connection is not safe. Due to the nature of self-signed certificates, modern browsers will produce this message since the certificate has not been signed by a verified authority that the browser understands. One way around this is installing a certificate with Let’s Encrypt.
Install your ssl certificate via GUI
Login to your dashboard and navigate to the Apps Dashboard
Once on your Apps Dashboard select the Application Management tab. The Application Management tab is where you will find all available applications for install/uninstall.
Next, either search or scroll down to the Lets Encrypt entry and select Install.
You will now be greeted with a popup where you will insert your top level domain name. Only enter the domain without
/ (eg: good
domain.com/ … etc.)
Once you have entered in your domain, hit the button for Submit Changes.
The certificate installation process will now commence in the background. Upon completion, your browser will refresh, please wait until the refresh as interrupting the process could result in a failed certificate generation.
On browser refresh it is sometimes needed to do a hard refresh on your browser. You can do this by hitting ctrl + shift + R on your keyboard. After a refresh, your connection should now show as secured. You can verify the certificate by clicking on the lock icon and viewing more info on the connection.
You will also need to update your site root to reflect your new URL. You can do this by going to Settings and then General Settings then you can update your site root address.
Install your ssl certificate via CLI
Installing a certificate for your domain via CLI is an incredibly easy process, to do this:
- Login to your server via ssh
- Properly elevate to root with
sudo su -
- Once elevated, type
qb install lecert YOURDOMAIN.COM(where
YOURDOMAIN.COMis your preferred domain)
- Wait for the process to finish and login to your dashboard in your preferred browser, it should now be secured. If you are still seeing an invalid certificate issue, check the following:
- Completely flush your browser cache as you may be caching.
- Did you attempt to generate the certificate too many times and activated the rate limit? You can check in
/etc/nginx/ssl/YOURDOMAIN.COM/, if you see the certificate file with 0 bits of size, more than likely this is why. You may need to wait a day or two before you can attempt it again.