Results 1 to 2 of 2

Thread: Webmail on subdomain with Let's Encrypt SSL

  1. #1
    Join Date
    May 2014
    Posts
    14

    Webmail on subdomain with Let's Encrypt SSL

    With the function Setting up webmail.domain.com as default for new domains. it is possible to create a subdomain for direct access to the webmail.
    But there is no SSL on this domain, and with Let's encrypt there is no excuse to not encrypt your webmail.

    Please run this tutorial first if you haven't it already done

    1. Add the webmail subdomain to the let's encrypt selection list:

    Add the following item to the /usr/local/directadmin/conf/directadmin.conf
    Code:
    letsencrypt_list=www:mail:ftp:pop:smtp:webmail
    If you want to apply it by default, add the following line to the directadmin.conf to:
    Code:
    letsencrypt_list_selected=www:webmail
    If the Lines doensn't exists you need to add this lines otherwise add the blue text

    2. Setup a Virtual Host for HTTPS for the webmail

    Code:
    cd /usr/local/directadmin/data/templates
    cp virtual_host2_secure.conf custom
    cd custom
    Open the file and append to the bottom of the file:
    Code:
    ...
    ...
    
    </VirtualHost>
    <VirtualHost |IP|:|PORT_443| |MULTI_IP|>
    
         SSLEngine on
         SSLCertificateFile |CERT|
         SSLCertificateKeyFile |KEY|
         |CAROOT|
    
         ServerName webmail.|DOMAIN|
         ServerAdmin |ADMIN|
         DocumentRoot /var/www/html/roundcube
         CustomLog /var/log/httpd/domains/|DOMAIN|.bytes bytes
         CustomLog /var/log/httpd/domains/|DOMAIN|.log combined
         ErrorLog /var/log/httpd/domains/|DOMAIN|.error.log
    
    </VirtualHost>
    This is for Apache to listen on webmail subdomain at port 443

    3. Rewrite the httpd.conf files.
    Code:
    echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
    /usr/local/directadmin/dataskq d
    If you create now a SSL certificate for a domain, you can select ( or it is autoselected with the option above ) the webmail subdomain.

    Thats all !


    Extra option:
    If you want to Redirect all HTTP traffic to HTTPS for the webmail subdomain change the folowing line:
    Caution: If the Domain hasn't the correct SSL certificate it will give a SSL warning

    Open /usr/local/directadmin/data/templates/custom/virtual_host2.conf
    Scroll to the bottom and remove the Red text and add the Blue text:

    Code:
    <VirtualHost |IP|:|PORT_80| |MULTI_IP|>
      ServerName webmail.|DOMAIN|
      ServerAdmin |ADMIN|
      DocumentRoot /var/www/html/roundcube
      CustomLog /var/log/httpd/domains/|DOMAIN|.bytes bytes
      CustomLog /var/log/httpd/domains/|DOMAIN|.log combined
      ErrorLog /var/log/httpd/domains/|DOMAIN|.error.log
      Redirect 301 / https://webmail.|DOMAIN| 
    </VirtualHost>

    I hope this will help some people out, Lets encrypt the world !

  2. #2
    Join Date
    Sep 2017
    Posts
    1
    Thanks for great tutorial.
    Just please note that if you set redirect as you mention:

    Quote Originally Posted by Trickster View Post
    Extra option:
    If you want to Redirect all HTTP traffic to HTTPS for the webmail subdomain change the folowing line:
    Caution: If the Domain hasn't the correct SSL certificate it will give a SSL warning
    DA won't be able to setup certificate for webmail.domain.com

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •