ServerTune

Browse by category

Search    |    Advanced search

Setting up DA with an SSL certificate

You can switch DirectAdmin to use SSL instead of plain text. (https instead of http)

If you do not have your own certificates, you'll need to create your own:

If you already have your own certificate and key, then paste them into the following files: certificate: /usr/local/directadmin/conf/cacert.pem
key: /usr/local/directadmin/conf/cakey.pem

Edit the /usr/local/directadmin/conf/directadmin.conf and set SSL=1 (default is 0). This tells DA to load the certificate and key and to use an SSL connection. DirectAdmin needs to be restarted after this change.

If you've enabled SSL=1 and the User enters http, then DA will give them the server IP redirect by default. This option will allow the admin to specify the value of the hostname in the redirect, which has an added benefit of forcing them to use the host that matches the certificate to valid ssl errors.

The directadmin.conf option will be:
ssl_redirect_host=host.name.com

The default setting is for the value to not be present in the directadmin.conf.
When it's not present, the server IP will be used. With the option present, it's value will be used (even it's it's blank) so make sure it only there if you want to use it.

If you also have a CA Root Certificate, this can be specified by adding:

into the /usr/local/directadmin/conf/directadmin.conf file (won't exist by default) and by pasting the contents of the caroot cert into that file.

 
 
Add comment
 
Views: 1563
 
Votes: 0
 
Comments: 0
 

Other articles in this Category

RSS