Bagisto SSL Installation Guide

Bagisto, founded in 2018, is an open-source eCommerce platform built on Laravel, designed for scalable and customizable online stores. It offers features like product management, order processing, and multi-channel support. Users can efficiently create and manage stores with extensive customization options. Benefits include cost-effectiveness, flexibility, and strong community support. Bagisto supports SSL to encrypt data and secure transactions, comparable to standard 9+ SSL, ensuring robust data protection and customer trust.

Bagisto SSL Install and Configuration Guide Video
Play Video

Bagisto SSL Install and Configuration Guide Video

Step 1. Generate a CSR + Private Key

Firstly, you will have to generate a CSR (Certificate Signing Request) and its corresponding Private Key. A CSR is essential for obtaining an SSL/TLS certificate, serving as an encrypted request to a Certificate Authority (CA) for authentication. The Private Key, on the other hand, is a crucial component used to decrypt and secure data transmissions. Understanding these components ensures a secure and reliable digital environment for your website or application.

1: Login to your server as root via your terminal and create a directory to store all certificate files

shell

sudo mkdir /etc/encryption

This will create a sub-directory under /etc called encryption. You can replace encryption with the name of your choice.

2: Type in the following command to generate a private key and a CSR -

shell

sudo openssl req -new -newkey rsa:2048 -nodes -keyout /etc/encryption/server.key -out /etc/encryption/server.csr

This will create a private key and a CSR with the name of server.key and server.csr respectively; in the encryption directory.
You will then get a prompt asking you to input the following details regarding your CSR:-

Country Name (2 letter code) [AU]: Type in the 2 letter abbreviation for your country.
State or Province Name (full name) [Some-State]: Full name of the state
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Locality Name (eg, city) []: Complete name of the city, no abbreviations
Organization Name (eg, company) [Internet Widgits Pty Ltd]: If you are a business; Enter your legal entity name. If you're not a business, any value entered will not be used in your certificate.
Organizational Unit Name (eg, section) []: If you are a business; Write the appropriate division of your company. It is best to use something generic such as "IT".
Common Name (e.g. server FQDN or YOUR name) []: Enter your domain name
Email Address []: Enter your email address

Press Enter snd your Private Key and CSR should be generated successfully in the directory named encryption.

3: To view your CSR, type in the following command:

shell

cat /etc/encryption/server.csr

You can now copy your CSR and move on to configuring your SSL Certificate.

Step 2. Buy SSL Certificate + Setup

The next step in the installation process is to order an SSL Certificate. If you visit our SSL Certificates List page, you will options available, such as a low-cost domain-validated SSL or a multi-domain SSL.

SSL certificates vary in pricing based on the level of validation they provide. Domain Validated (DV) certificates are typically the least expensive as they only verify domain ownership.

Cheap SSL Certificates

View our low cost SSL Certificates with domain validation.

Starting at $ per year

Wildcard SSL

View our Wildcard Certificates to Secure Unlimited Sub-domains.

Starting at $ per year

Multi-Domain SAN SSL

View our SAN Certificates to secure multiple domains.

Starting at $ per year

You can choose the SSL Selector on our website. If you're still unsure of what certificate to choose for your business, please contact our Sales Team and they will be glad to help you out.

1: Add the SSL Certificate your cart and complete the checkout process.

SSLTrust Checkout Page

Provide your account information

SSLTrust Account Details

Pick the payment option you prefer, then click on the checkout button

SSLTrust Complete Order

2: Following your SSL Certificate purchase, you're ready to commence configuring it. To complete this action, navigate to your SSLTrust account and handle your latest purchase. Access the SSLTrust Dashboard, then navigate to Services and select My Services.

SSL Dashboard

Your purchased certificate and order status should be visible to you. Next, click on Manage.

SSLTrust SSL

Upon clicking Manage, you'll find yourself on the Product Details page of your SSL Certificate. Choose "start configuration" to personally configure the settings, or alternatively, share the URL below with the relevant person for them to handle the configuration on your behalf.

Start SSL Configuration

3: Ensure that the CSR (Certificate Signing Request) previously generated is copied and pasted here in the following format.

text

-----BEGIN CERTIFICATE REQUEST-----
  -----END CERTIFICATE REQUEST-----
Verify CSR Details

Then, click on Verify CSR.
If the CSR details align with the inputs you've previously provided, you can proceed; otherwise, generate a new CSR with accurate details.

Actual CSR Details Pic

Select the Server Type and click on Next Step.

Server Type Step

4: Kindly fill out your contact details.

Contact Info

Please provide the details of your technical contact, if they are managing the certificate for you.
Authorization will be provided to them for managing the certificate, and renewal reminders will be sent.

Technical Contact

In order to acquire a business SSL certificate, it is necessary to furnish your business information, which includes your accurate address, phone number, and legal entity name. Verification of the accuracy of this information will be conducted by the Certificate Authority.
Errors could potentially result in delays in the process.

Then, click on Next Step

5: The next step in this process is Domain Control Validation (DCV).

Domain Control Validation (DCV) is a process used to verify domain ownership for SSL certificate issuance. It ensures that the entity requesting the certificate has administrative control over
the domain, enhancing online security and trustworthiness.

Verifying an SSL certificate's legitimacy through this process is essential for bolstering online security.

Domain Control Validation

Pick the method that suits you best. Having an email address with the domain name will be the quickest way to proceed.
You'll receive an email containing a validation link. Clicking on the link should confirm your domain name.
Using the HTTP/HTTPS File Validation Method, create a folder in the designated directory, paste the contents, and your domain will undergo validation.

HTTP Method DCV

CNAME Validation represents the final method for validating your domain name.Essentially, you need to create a CNAME record in your DNS Settings to validate your domain name. Afterward, click on the "Check DNS Record" button to confirm DNS changes.

CNAME Method DCV

Following a brief interval, typically ranging from a few minutes to several hours, contingent upon your DNS propagation speed, the CNAME record should be validated.

DNS Check DNSChecker

If everything is set up correctly, click the button below to proceed to the validation manager.

Certificate Configuration Success

6: After successfully completing all the previous steps, your certificate should now be issued.

Certificate Issue Success

Should the certificate not be issued, click on Domain Control Validation, and resubmit your chosen validation method.
After successfully validating your domain with the chosen method, your SSL certificate will be issued.
For customers who have ordered a Business SSL, it's important to wait for the Certificate Authority to validate your business address and phone number. If the validation process isn't finalized or if you haven't received your certificate after a specific time frame, please reach out to the support team for assistance regarding your certificate's status.

Step 3. Download + Install SSL Certificate

After your SSL certificate is issued, you'll receive an email containing the certificate directly from the Certificate Authority. Alternatively, you have the option to download the certificate from the SSLTrust Portal, which provides it in an easy-to-use format.

Return to the SSLTrust Dashboard and access your certificate by clicking on it.

dashboard-final

1: Click on Collect/Download Certificate-

Collect Certificate

Go to the first column and click on copy to clipboard

Copy SSL Certificate

2: Open your terminal again, create a new file and paste the main certificate

shell

sudo nano /etc/encryption/cert.pem

3: Head back to the certificate collection page and click on copy to clipboard on the Intermediate certificate.

Copy Intermediate Certificate SSLTrust

4: Create a new file and paste your intermediate certificate.

shell

sudo nano /etc/encryption/inter.pem

Save the buffer and exit by pressing CTRL+X

Step 4. Configure Webserver

1: Edit the default configuration file with the path mentioned below:

shell

sudo nano /etc/apache2/sites-enabled/default-ssl.conf

2: Add the following code and make sure to change the path of the certificate files

text

ServerName yourdomainname
      DocumentRoot /path/of/your/bagisto/files
      SSLEngine on
      SSLCertificateFile /etc/encryption/cert.pem
      SSLCertificateChainFile /etc/encryption/inter.pem
      SSLCertificateKeyFile /etc/encryption/server.key

3: Restart the Webserver:

shell

systemctl restart apache2

Step 5. Check SSL Certificate

SSLTrust's Free SSL Checkeris a tool that allows you to test and validate the SSL/TLS
certificates installed on websites. Simply enter a domain name and it will analyze the certificate, providing details like the
issuer, expiration date, encryption strength, and whether the certificate is properly configured and trusted by major browsers
and operating systems. In SSL tests, receiving an "A" rating typically signifies that the SSL certificate and its configuration
meet high security standards.

SSLTrust Free SSL Checker A Rating

The checker highlights any potential security issues or misconfigurations with the SSL implementation. This free tool makes it
easy to verify if a website's SSL certificate is valid and secure, giving visitors confidence their connection is encrypted and
their data is protected from eavesdroppers.

SSLTrust Free SSL Checker Detailed Report Example Drop Down

Additionally, you can also performed a detailed check which generates an actionable report with all the ins and out of your SSL
Certificate. This includes Protocols, Ciphers, Vulnerabilities and much more.

SSLTrust Free SSL Checker Detailed Report

-

You might require assistance from your web developer or make the necessary updates to your website personally to ensure that
all files utilize "https://" and all links leading to and within your website employ "https://".

Discussions and Comments

Click here to view and join in on any discussions and comments on this article.

Written by
Siddiqui Ammar


Helpful Guides

View more Guides, FAQs and information to help with your Certificate purchases.

Learning Centre

View more resources on cyber security, encryption and the internet.


Continue reading with these guides you may be interested in...

#SSL/TLS

Netlify Custom SSL Configuration and Installation Guide

Video Included

Since its establishment in 2014, Netlify has become a dominant force in modern web development, serving over 1 million developers globally. With its comprehensive suite of tools, including continuous deployment, serverless functions, and global CDN, …

#SSL/TLS

Serverpilot SSL Configuration and Installation Guide

Video Included

Founded in 2012, ServerPilot is a standout cloud-based server management platform automating tasks for 200,000+ servers globally. Tailored for developers and agencies, it simplifies deployment on major cloud providers like DigitalOcean. With an …

#SSL/TLS

ISPConfig SSL Installation and Configuration Guide

Video Included

ISPConfig is an open-source web hosting control panel released in 2005. It allows users to manage their web servers through a web-based interface and includes features such as website, email, database, and DNS management. ISPConfig also provides …

#SSL/TLS

Lighttpd SSL Installation Guide

Video Included

Lighttpd is an open-source and lightweight web server released in 2003. It offers high-performance capabilities with low memory and CPU usage, making it ideal for hosting high-traffic websites and applications. It supports multiple platforms and …