SSL certificate for a domain name does not work

mikusss

New member
Joined
Jul 21, 2009
Messages
2
Hello,

I am trying to figure out how to do the following in directadmin:

I have a working SSL certificate for www.mydomain.com.

1) First question would be if I can use this certificate for both DA login and for the domain name SSL content at the same time (i.e. without the need to buy another cert.)

If that is possible, then:
2) I managed to install the certificate for the DA login (i.e. connecting to https of www.mydomain.com:2222 works well), but I am stuck with setting it up for the domain content on the user level in DA (to display Private_html folder content properly with no browser warnings).

I did put the cert and key within the "SSL Certificates" section of the User level, I checked that the .cert and .key files are correctly saved but it still does not work even after restarting httpd and da services.

When trying the website in browser I get:
The server's name does not match the certificate's name "localhost"

I suspect the error might be IP related, which is currently used for two other domain names, although I don't see why that would be impossible as it works on other servers/panels with no problem. I would try to reassign a free IP to the domain name, but I do not know how to do that (I can see how to assing IP to an user, but not how to specific domain exactly).

So what I would like to know is, if there is some other step needed to do in order to make it work, or that the way I need it to be is not possible.

I would appreciate any help, thanks!

Mike.
 
The domain www.mydomain.com doesn't run on DirectAdmin. So if you're really using DirectAdmin then you're not giving us the information we need to check your work.

If you're doing it right, and if you're doing it with DirectAdmin, and if you've got multiple domains on a single user, then it will work for the domain it's been purchased for but on others will throw an other.

You can use the cert in both places, but only for the domain for which it's written for, and it does need to be installed separately.

Jeff
 
Sorry for any confusion - I used that domain name only as an example, it's not really the one I struggled with.

Anyway, I got it working by manually changing the following two cert and key files to the proper ones:

/etc/httpd/conf/ssl.crt/server.crt
/etc/httpd/conf/ssl.key/server.key

I realized that probably when I set ssl_redirect_host in the directadmin.conf to the domain name in question, it then ignores those certs and keys set under

/usr/local/directadmin/data/users/admin/domains/*

I got confused because in order to get DA work on SSL, you need to add certs to the following files:
certificate: /usr/local/directadmin/conf/cacert.pem
key: /usr/local/directadmin/conf/cakey.pem

and so I thought that it does not need to go again also to those mentioned above.

--
I am quite new to Directadmin and I am still trying to figure things out (conf file locations, structure of the whole thing, permissions etc.), so again I am sorry for such a probably stupid question.

Btw. I switched from Plesk after being fed up with its performance and I must say that directadmin is much faster (or at least seems like) even on server with lower specs and for definitely better price. Hopefully it will stay that way :).

Cheers.
Mike.
 
Btw. I switched from Plesk after being fed up with its performance and I must say that directadmin is much faster (or at least seems like) even on server with lower specs and for definitely better price. Hopefully it will stay that way :).
Yeah, I switched from Plesk, too, somewhere in the neighborhood of 7 years ago, after being a Plesk gold partner. I know what you mean.

Note for the future that if you ask anything which we'll be able to better help you with after testing, please use the real information.

Jeff
 
Back
Top