nicch/README.md
2019-05-10 17:31:22 +03:00

2.2 KiB

WHMCS EPP with DNSsec Registry-Registrar Module for .CH registry

This module require an Accredited Registrar account for .CH domains, it provide full functionality coverage for domains management and based on communication with Registry through Extensible Provisioning Protocol (EPP).

Requirements

  • PHP 7.2 or higher;
  • WHMCS 7.7.0 or higher;

Installation

Upload via FTP the 'nicch' directory to <whmcs_root>/modules/registrars/ Set write permissions for log file <whmcs_root>/modules/registrars/nicch/log/nicch.log

Generate .PEM certificate

create .pfx file openssl pkcs12 -export -out certificate.pfx -inkey www.yourdomain.com.key -in yourdomain.com.crt -certfile CA_bundle.crt

$ openssl pkcs12 -export -out certificate.pfx -inkey /etc/pki/tls/private/www.yourdomain.com.key -in /etc/pki/tls/certs/yourdomain.com.crt -certfile /etc/pki/tls/certs/gd_bundle.crt

create PEM file

include PassPhrase

$ openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes

or without PassPhrase

$ openssl pkcs12 -in certificate.pfx -out certificate.cer

Upload certificates

Copy certificate.cer to <whmcs_root>/modules/registrars/nicch/local_cert/certificate.cer Copy www.yourdomain.com.key to <whmcs_root>/modules/registrars/nicch/local_pk/www.yourdomain.com.key Copy a certificate authority file to <whmcs_root>/modules/registrars/nicch/cafile/

or you may use https://letsencrypt.org/

$ dnf install git net-tools
$ git clone https://github.com/certbot/certbot.git
$ cd certbot/
$ ./letsencrypt-auto --help
$ systemctl stop httpd
$ ./letsencrypt-auto certonly --standalone

Test connection with the server

please make sure port 700 is not firewalled:

$ telnet epp-test.switch.ch 700
$ openssl s_client -showcerts -connect epp-test.switch.ch:700

command line for acceptable client certificate CA names

$ openssl s_client -showcerts -connect epp-test.switch.ch:700 -CAfile gd_bundle.crt

command line to verify your own Certificate

$ openssl s_client -showcerts -connect epp-test.switch.ch:700 -CAfile CA_bundle.crt -cert yourdomain.com.crt -key yourdomain.com.key