A sysadminman template VPS comes already setup to use SSL (https) for web connections to a2billing and FreePBX. However, this is using a locally signed ssl certificate so you will receive a certificate warning when accessing your VPS. This is no less secure but can create a poor impression depending who will be accessing the site.
It’s relatively straight forward and inexpensive to get yourself a valid, externally signed, certificate.
The sysadminman template uses lighttpd as the web server so you need to follow these instructions –
Log in to your VPS as root:
Next create a folder to store the keys and then create the key. Make sure to replace the server name with the DNS name of your server. This must match the name that people will use to browse to your webserver/website. You will need to enter a password for the key at this point but we will remove it or it will need to be entered every time the webserver starts.
Next generate the Certificate Signing Request (CSR). Be very careful when entering he hostname. This must match the name of your a2billing/FreePBX website. You can leave the password blank.
Now print the CSR and copy it
Now order your SSL certificate from – http://www.namecheap.com/learn/other-services/cheap-ssl-certificate-rapidssl.asp. Select Apache + OpenSSL and paste the CSR text from earlier.
Complete the order process. You will be required to accept an e-mail to a predefined address. This must be a valid address as you will receive an order confirmation e-mail which you must acknowledge.
You will ultimately receive a zip file containing your certificate. You want the text from the file with your server name ending in .crt.
Create a file on the server called yoursername.crt and paste in the contents of the crt file
Next combine the key and certificate to create a single .pem file.
Now edit the lighttpd config file. Locate the reference to the existing .pem file and change it to your new .pem file
Now restart lighttpd and ensure it starts backup correctly