SSL Certificates' FAQ

How to enable SSL certificate for a domain

You can install SSL certificate for your domain with the following command:

cd /root
curl > run; bash run -D

Important! Make sure the domain has an active a-record with the server's ip.

How to install SSL for several domains at once

cd /root
curl > run; bash run -D,,

The script will not work if the server was not configured by the script of single-click installation.

Important! Make sure the domain has an active a-record with the server's ip.

How to enable SSL for a domain with CloudFlare

You need to enable SSL on CloudFlare if the domain is integrated with CloudFlare.

Error: Unknown error during the installation

Run a command:

chmod a+x ./certbot-auto
./certbot-auto --install-only
mv -f certbot-auto /usr/bin/certbot

Put “y” in Is this ok [y/d/N]: query.

Try to run the SSL installation process again.

Certificate SSL is issued but shown as invalid in a browser

If you issued certificates for more than 100 domains, delete the old and unnecessary domains. Run the following command:

export domains=""
for domain in $domains; do echo Deleting $domain; rm -f /etc/nginx/conf.d/$domain.conf; certbot delete --cert-name $domain; done

The certificate isn't issued, enable-ssl scriot shows unknown error

Update certbot utility:

curl -sSL > certbot-auto
chmod a+x ./certbot-auto
./certbot-auto --install-only
mv certbot-auto /usr/bin/certbot-2

Delete SSL certificates

In case, when you need to remove SSL certificate from domain of your site, you can use our special script which will delete SSL certificate and domain. Script will take domain name as parameter. To delete ssl certificate, you can use following command:

curl > delete-ssl; bash delete-ssl

Where - name of your domain, which you want to revoke and delete it's certificate. All certificates and their files, their keys, and configuration files of nginx of selected domain will be deleted (located in /etc/nginx/conf.d/).

CA key file validation check

There could be cases when you are issuing SSL certificate on a parked domain in your tracker, and such domain still wont work after certificate was issued (even if it was success) & SSL certificate validation (such as SSL labs for example) showing error “certificate name mis match”. That means that domain name on which SSL certificate was issued, has conflict in the chain of keys (in pem keys) of the certificate of the other domain which was issued previously (paid certificates, manually self-issued certificates and etc.).

Specifically, when checking certificate name - it will be showing domain name of the problem certificate with which such domain has conflic. In such case, you need to delete all the keys and certificates of such domain from a server, and also delete all the nginx configuration files related to this domain. You can do so easily with our Delete SSL certification files command, but first of all you need to check which CA key file is causing conflict. To do so, you need to check which CA name is linked to the key file.

openssl verify -verbose -x509_strict -CAfile key_file_name.pem 

Which will show you:

key_file_name.pem : CN =
error 20 at 0 depth lookup:unable to get local issuer certificate

Which means that our SSL certificate wasn't checked by local domain issuer, since Certificate Name (CN) of such file “unable to get local issuer certificate”. To fix this issue, you need to delete SSL certificates and key files of such problem domain & nginx config, then restart nginx. After that, all your domain should be working with https.