Installation of SSL Certificate in BitrixVM
To install an SSL certificate on the BitrixVM server, you need two main files: a certificate (or a certificate chain in the following order: the certificate itself, the root certificate, and intermediate certificates) and a private key in unencrypted format.
Copy these files to the directory /etc/nginx/ssl on the server.
To streamline the working process, we recommend installing the text editor nano instead of the default vi in Bitrix 7. You can do this with the following command:
yum install -y nanoAfter that, perform the following actions:
- Create a copy of the base SSL configuration file, for instance, named twssl.conf:
cp /etc/nginx/bx/conf/ssl.conf /etc/nginx/bx/conf/twssl.conf- Open the new file twssl.conf using your chosen text editor and remove the following lines:
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;- Edit the configuration file for the SSL zone of your site (these files are automatically created when a site is created via the BitrixOS menu).
- For the main site located in the directory /home/bitrix/www, this is the file /etc/nginx/bx/site_enabled/ssl.s1.conf;
- For other sites, these are files named like /etc/nginx/bx/site_enabled/bx_ext_ssl_domain.ru.conf.
Replace the line in the required file:
include bx/conf/ssl.conf;with
include bx/conf/twssl.conf;- After this line, add the following lines, providing the full path to the certificate file (or certificate chain) and the unencrypted private key file:
ssl_certificate /full/path/to/certificate_file.crt;
ssl_certificate_key /full/path/to/key_file.key;- Check the Nginx configuration:
nginx -t- If no errors are found, restart the web server to apply the settings:
service nginx restartThe certificate is now successfully installed. Ensure that your site is functioning correctly.
