2. Configure own certificate

Course: Bitrix Virtual Appliance

Bitrix Virtual Appliance v7.x
- What's New
  - Update Archive
- Installation of Bitrix Environment (BitrixEnv) for Linux
- Launching Bitrix Virtual Appliance
- VMBitrix.CRM
- Installation and Migration of Bitrix24 Products to BitrixVA/BitrixEnv
  - Site installation in BitrixVA/BitrixEnv
  - Migrating Bitrix products to BitrixVM/BitrixEnv
- 1. Manage servers in the pool
- 2. Manage localhost
- 3. Configure MySQL servers
- 4. Configure Memcached Servers
- 5. Background Tasks in the pool
- 6. Configure pool sites
  - 1. Create Site
  - 2. Delete Site
  - 3. Change Cron Tasks on Site
  - 4. Change E-mail Settings on Site
    - Email service settings
  - 5. Change HTTPS Settings on Site
  - 6. Change Backup Settings on Site
  - 7. Configure NTLM Authorization for all Sites
  - 8. Configure Optional Services (xmppd|smtpd) for Site
  - 9. Bitrix Composite Site
  - 10. Configure Site Options
    - 1. Configure proxy_ignore_client_abort for Site
  - 11. Show Sites with Errors
- 7. Manage Sphinx in the pool
- 8. Manage Web Nodes in the pool
  - 1. Create Web Instance on Server
  - 2. Manage PHP Extensions
  - 3. Configure certificates
  - 4. Remove web role from server
- 9. Monitoring in the pool
- 10. Configure Push/RTC Service
  - 1. Configure NodeJS RTC Service
  - 2. Remove NodeJS RTC Service
- Additional Settings for BitrixAV/BitrixEnv
- BitrixVA API for Providers
  - Providers
  - Script to Work with Providers
- How to create BitrixVM image for cloning
Bitrix Virtual Appliance Contents
- Introduction
  - Bitrix24 On-premise operational requirements
  - BitrixVM edition packages
  - Bitrix repository
  - BitrixVM package contents
    - bx-nginx
    - Apache/PHP
    - MySQL Percona Server
    - Ansible
- Service configuration
- BitrixVM Configuration
  - Pool
    - Creating and deleting a pool
    - Adding and deleting server in the pool
  - Site
    - Site types
    - Creating and deleting sites
Archive
- Bitrix Virtual Appliance v4.3 (Archived)
  - Introduction
  - Running the Bitrix Virtual Appliance
  - Configuring the SMTP Mail Server
  - Creation of a Master-Slave Cluster
  - Adding a Site
  - Automatic Backups
  - Sphinx Search Engine Setup
  - Update of Bitrix Virtual Appliance
  - Restoring a Web Project from a backup copy
    - Preparing to Transfer
    - Restoring the Website
  - Additional BitrixVA settings
- Bitrix Virtual Appliance v5.x (Archived)
  - Installation of Bitrix Environment for Linux 5.x
  - Installation of the VA VMware Edition
  - Migration of the Bitrix product to a VA
  - Host management
  - Configure MySQL servers
  - Manage local server
  - Configure the memcached servers
  - Background tasks in the pool
  - Manage the sites in the pool
  - Sphinx Search Engine Setup
  - Manage web-servers
  - Monitoring in pool
  - Additional BitrixVA settings
    - Additional settings and debugging of msmtp
    - Changing the standard settings of VA
    - Increasing the disk space of BitrixVA
      - Adding additional disk
      - Increasing the size of the existing hard drive
    - Connection of a Swap Partition
    - Mounting Windows Resources Correctly
    - Setting up sending the Nagios notices in BitrixVA
    - Execution of all agents on Cron
    - Mounting options
    - IDE Connection

...

Own SSL certificate, issued by any certification authority, can be also connected to a site in BitrixVM.

Important! Before issuing a certificate, make sure that you have created a site at the host (also available from the Internet), to which the certificate is issued, as well as that DNS settings for DNS hoster and registrator for this domain are correct. Otherwise the certificate won't be issued. Plus, there is a limit – 5 errors for certificate issue per hour and per account for this domain.

You must have the following certificate files: private key, certificate chain and the certificate.

Requirements for imported certificates:

Certificate, private key and certificate chain must have PEM-encoding.
Private key must not be encoded.
Files of the certificate and private key are required, file with the chain may not be specified.
If you use your own paths for uploading the certificates, specify full paths during import. When using relative pathnames, the certificate files must be uploaded into the /etc/nginx/certs directory.

The following must be done to connect own SSL certificate:

Copy the certificate files into any server directory via any SFTP client. In our example, we have create the /home/bitrix/ssl/ directory and have copied certificate files into it.
The resulting paths are as follows:
1. private key – /home/bitrix/ssl/test2.b24test.site_privkey.pem
2. certificate – /home/bitrix/ssl/test2.b24test.site_cert.pem
3. certificate chain – /home/bitrix/ssl/test2.b24test.site_chain.pem
After that, go to the menu 8. Manage web nodes in the pool > 3. Configure certificates:
Select menu item 2. Configure own certificate and enter site name (or several site names), for which the certificate (-s) must be imported (in this example: test2.b24test.site), Private Key path, Certificate path, Certificate Chain path and confirm certificate installation for this domain:
The installation wizard will install the certificate. Paths of SSL certificates will be specified in the same section:
Connected certificate can be easily checked - go to your site via https protocol, and the valid certificate will have a green lock icon:

Support of several sites is available, separated by comma. You will have to track validity period of your certificate on your own. Certificate re-issuing is also performed by the site owner as well. After the new certificate is issued, it can be imported again.

Note: If you have used your own server directory to copy initial certificate files, then after import is completed it is recommended to delete these files for security purposes (in the example - /home/bitrix/ssl/). If you have copied files into /etc/nginx/certs, then there is no need to delete them.

Course: Bitrix Virtual Appliance

2. Configure own certificate

Feedback

Thank you for your feedback!

How can we do better?

Thank you for your feedback!

Bitrix Virtual Appliance v7.x

What's New

Update Archive

Installation of Bitrix Environment (BitrixEnv) for Linux

Launching Bitrix Virtual Appliance

VMBitrix.CRM

Installation and Migration of Bitrix24 Products to BitrixVA/BitrixEnv

Site installation in BitrixVA/BitrixEnv

Migrating Bitrix products to BitrixVM/BitrixEnv

1. Manage servers in the pool

1. Add new server to the pool

2. Remove host from the pool

3. Server reboot

4. Update BitrixEnv on host

5. Change 'bitrix' user password on host

6. Configure pool timezone

7. Remove pool configuration

8. Update PHP and MySQL

9. Change hostname

10. Enable or disable bitrix-env beta versions

2. Manage localhost

1. Configure hostname

2. Configure Server IP-address via DHCP

3. Configure network inteface manually

4. Reboot server

5. Shutdown server

6. Local Server Update

3. Configure MySQL servers

1. Update Settings for all MySQL Servers

2. Change Root User Password for MySQL Server

3. Stop/Start MySQL Service

4. Create a Slave MySQL Server

5. Change Master MySQL Server

6. Remove Slave MySQL Server

4. Configure Memcached Servers

1. Create Memcached Server

2. Update Settings on all Memcached Servers

3. Remove Memcached Server

5. Background Tasks in the pool

6. Configure pool sites

1. Create Site

2. Delete Site

3. Change Cron Tasks on Site

4. Change E-mail Settings on Site

Email service settings

5. Change HTTPS Settings on Site

6. Change Backup Settings on Site

7. Configure NTLM Authorization for all Sites

8. Configure Optional Services (xmppd|smtpd) for Site

9. Bitrix Composite Site

10. Configure Site Options

1. Configure proxy_ignore_client_abort for Site

11. Show Sites with Errors

7. Manage Sphinx in the pool

1. Create Sphinx Instance on the Server

2. Update Sphinx Instance on Server (add index)

3. Remove Sphinx Instance on Server

8. Manage Web Nodes in the pool

1. Create Web Instance on Server

2. Manage PHP Extensions

3. Configure certificates

1. Configure "Let's encrypt" certificate

2. Configure own certificate

3. Restore default certificate

4. Remove web role from server

9. Monitoring in the pool

1. Configure Monitoring Services

2. Disable Monitoring Services

3. Add New Host(s) to Monitoring

10. Configure Push/RTC Service

1. Configure NodeJS RTC Service

2. Remove NodeJS RTC Service

Additional Settings for BitrixAV/BitrixEnv

Modification of BitrixVA Standard Settings without Disabling Autotuning

Adding SSL-certificates in BitrixVA/BitrixEnv

Expanding BitrixVA Disk Space

Supplementing an Additional Hard Drive to BitrixVA

Increasing Size of Existing BitrixVA Hard Drive

Increasing Size of BitrixVA LVM-Partition

Connecting Swap Partition