SSL for E!A setup
340 views
Skip to first unread message
Tumelo Mapila
Jul 15, 2016, 9:04:32 AM7/15/16
to Easy!Appointments - Support Group
Hi Guys
Have anyone of you setup SSL for your E!A setup? Is so please share how you implemented it?
Thank you
Craig Tucker
Jul 15, 2016, 10:23:55 AM7/15/16
to Easy!Appointments - Support Group
SSL is implemented the standard way. You can create your own certificates using OpenSSL or purchase signed certs (which is what I think you want to do). When you purchase an SSL certificate from a third party it is called a signed certificate. If you make your own certificate the browser will pop up a warning to those going to your site saying that the security of your site cannot be varified. Your site is still encrypted at what ever level you made your certs but it just cannot be varified by a third party so you get the warning. So, unsigned certificates are fine for testing your site and for personal business use but it does not give the public confidence when visiting your site. When you purchase a signed certificate and install it correctly the little lock on the browser will show up as locked and no warning will appear.
The SSL certificate encrypts according to your domain name. So if you have a domain name of www.mydomain.com any address built on that domain will be encrypted. So www.mydomain.com/easyappointments will show the encryption lock. Subdomains like easyappointments.mydomain.com are different. Sometimes subdomains are included in your purchase and sometimes they are not so if you are going to use subdomains you will want to check that out. And ther are some more steps than I am listing here to handle the subdomain. Also, your cert is specific for your specific domain unless you ask for a multi site option and so on. This means that if you change your domain name, you will need a new cert. There are also different levels of varification. To get a lock on your site basic varification is sufficient. To get a green lock a higher level of varification is needed and you pay more for that. The green lock is usually for money oriented transactions. There are various little subtle choices to make but if you are running a simple system with one site and just doing scheduling on your server you can just buy a basic encryption cert and you are secure enough.
I use Digicert for my certificates. They are not the cheapest but there service is great and they are a respected company. I will tell you the process I use with DigiCert (from my notes):
I purchased my SSL certificate from Digicert. When purchasing from Digicert they ask for a CSR key. You can generate one on their site but you are better off doing it your server and you may have a utility to do that with your operating system. Mine does. I use a Synology NAS. But any Linux system will have a utility to generate a CSR so you will need to look that up for your version of Linux.
This is the process I use:
First you will create a CSR. Download the certificate file and open it. You will find there the CSR file and a Key file. Save the Key file for use later. Open the CSR file with a text editor like Note Pad. Copy the contents in to the Digicert CSR file box and follow the instructions from there. This will generate zip file that is sent to you by email. You will need to download and extract it. In the Digicert zip file will contain two files with instructions:
DigiCertCA.cert
www_yourdomain_com.cert
Every oporating system has a utility for importing certificates. So you would have to find that for your server and select the import certificate option on your server:
You will enter your Private Key information: The path to the Key file you saved above.
You will enter your Certificate information: the path to www_yourdomain_com.cert
You will enter your Intermediate Certificate information: DigiCertCA.cert
The Server will restart.
You are done. Good luck!
The SSL certificate encrypts according to your domain name. So if you have a domain name of www.mydomain.com any address built on that domain will be encrypted. So www.mydomain.com/easyappointments will show the encryption lock. Subdomains like easyappointments.mydomain.com are different. Sometimes subdomains are included in your purchase and sometimes they are not so if you are going to use subdomains you will want to check that out. And ther are some more steps than I am listing here to handle the subdomain. Also, your cert is specific for your specific domain unless you ask for a multi site option and so on. This means that if you change your domain name, you will need a new cert. There are also different levels of varification. To get a lock on your site basic varification is sufficient. To get a green lock a higher level of varification is needed and you pay more for that. The green lock is usually for money oriented transactions. There are various little subtle choices to make but if you are running a simple system with one site and just doing scheduling on your server you can just buy a basic encryption cert and you are secure enough.
I use Digicert for my certificates. They are not the cheapest but there service is great and they are a respected company. I will tell you the process I use with DigiCert (from my notes):
I purchased my SSL certificate from Digicert. When purchasing from Digicert they ask for a CSR key. You can generate one on their site but you are better off doing it your server and you may have a utility to do that with your operating system. Mine does. I use a Synology NAS. But any Linux system will have a utility to generate a CSR so you will need to look that up for your version of Linux.
This is the process I use:
First you will create a CSR. Download the certificate file and open it. You will find there the CSR file and a Key file. Save the Key file for use later. Open the CSR file with a text editor like Note Pad. Copy the contents in to the Digicert CSR file box and follow the instructions from there. This will generate zip file that is sent to you by email. You will need to download and extract it. In the Digicert zip file will contain two files with instructions:
DigiCertCA.cert
www_yourdomain_com.cert
Every oporating system has a utility for importing certificates. So you would have to find that for your server and select the import certificate option on your server:
You will enter your Private Key information: The path to the Key file you saved above.
You will enter your Certificate information: the path to www_yourdomain_com.cert
You will enter your Intermediate Certificate information: DigiCertCA.cert
The Server will restart.
You are done. Good luck!
Tumelo Mapila
Jul 15, 2016, 11:20:31 AM7/15/16
to Easy!Appointments - Support Group
Thank you Craig, very elaborate explanation. So I basically wont need to configure anything else on my E!A setup once I have installed the SSL?
The only difference will be the https:// of the URL instead of http://
Beny Walujo
Jul 15, 2016, 3:52:50 PM7/15/16
to Easy!Appointments - Support Group
don't forget to adjust the BASE_URL in the config.php
Craig Tucker
Jul 16, 2016, 2:48:36 AM7/16/16
to Easy!Appointments - Support Group
That is correct. Something to be aware of is if you use https:// for your BASE_URL in easy appointments, hitting easyappointments by http:// will not work propperly. So I use an .htaccess file to redirect to the user to https if thy hit my site through http. A nice site for building your .htaccess file is http://www.htaccessredirect.net/.
Margarita Álvarez
Jul 28, 2021, 11:20:14 AM7/28/21
to Easy!Appointments - Support Group
Could anyone provide the .htaccess rule? It's not working properly on my site.
Alex Tselegidis
Aug 2, 2021, 3:30:26 AM8/2/21
to Easy!Appointments - Support Group
Hello Margarita!
In order to enable SSL with an .htaccess file, the first thing you will need to make sure is that overrides are allowed for your Apache configuration.
The option is called AllowOverride and you should be able to find it in the active vhost file:
If the overrides are not enabled then .htaccess files are ineffective.
Another alternative would be to modify your vhost file just like in the following example:
Reply all
Reply to author
Forward
0 new messages