To stop Symbiosis trying to generate SSL certificates, you'll need to set config/ssl-provider
to false
. You can then add the third-party SSL wherever you'd like - perhaps /config/ssl/comodo/
, or whatever helps you identify it amongst the rest.
An Apache SSL vhost file might look similar to this:
SSLCertificateFile /path/to/ssl.crt
SSLCertificateKeyFile /path/to/ssl.key
SSLCertificateChainFile /path/to/ssl.chain
SSLCertificateChainFile
isn't strictly required (and is deprecated as of Apache 2.4.8). The .crt
and .key
should be provided by your SSL provider (or sometimes a .pfx
which contains all three of the above files).
You shouldn't need an extra IP thanks to SNI, unless you're using a version of Apache older than 2.2.12.
Once you've manually modified the site's Apache vhost file, Symbiosis will skip over it when symbiosis-httpd-configure
is ran, unless you append the --force
flag - you'll likely not want this vhost file to be overwritten by Symbiosis, so it's worth bearing that in mind. 