Install SSL from command-line

[sparek]

Is there a way to install a secure certificate for a VirtualHost from the command-line?

Or do you just edit the respective /usr/local/directadmin/data/users/%user%/httpd.conf and modify the necessary SSLCertificateFile, SSLCertificateKeyFile, and SSLCACertificateFile directives?

What about SNI for dovecot and exim? I guess the same thing?

I guess coming from a cPanel background - where directly modifying the configuration files was frowned upon - I'm just not used to this level of "yes, you can modify those files"

 

[nick-a]

Is there a way to install a secure certificate for a VirtualHost from the command-line?

Or do you just edit the respective /usr/local/directadmin/data/users/%user%/httpd.conf and modify the necessary SSLCertificateFile, SSLCertificateKeyFile, and SSLCACertificateFile directives?

What about SNI for dovecot and exim? I guess the same thing?

I guess coming from a cPanel background - where directly modifying the configuration files was frowned upon - I'm just not used to this level of "yes, you can modify those files"

I would install Apache certs via the DA interface, and regarding SNI for dovecot and Exim:

https://www.directadmin.com/features.php?id=2019

 

[sparek]

Meh.

The key for me is going to be the more I can do from the command-line the better off I am.

I get that running GUIs is nice and all and necessary... but you can't script a GUI.

I'm not going to log into 30 different Directadmin admin panels to perform an action when I can link together 30 SSH sessions and run a series of commands and do the same thing on all 30 of the servers.

I think it would benefit Directadmin greatly if they opened up their API to include doing just about everything from the command line that you can do in the GUI.

 

[ditto]

If you are going to install a lets encrypt certificate for the hostname, then you can do it from command line: https://help.directadmin.com/item.php?id=629

If it's not lets encrypt and not for hostname, then I do not know the answer.

Edit: For anything related to lets encrypt, this is a good reading list: https://help.directadmin.com/?query=letsencrypt

 

[nick-a]

I think it would benefit Directadmin greatly if they opened up their API to include doing just about everything from the command line that you can do in the GUI.

They already do I think, SSL certs are included here, the docs aren't great but you can make sense of it:
https://www.directadmin.com/features.php?id=514

CA cert:
CMD_SSL
set the cacert and settings.
GET or POST
domain=domain.com
action=save
type=cacert
active=yes (dont' pass 'active' at all, for 'no')
cacert=the ca certificate

Cert and key:
CMD_API_SSL
method: POST
domain=domain.com
action=save
type=paste:
also include:
certificate=cert and key. add n between them, and at the end.

Here's an old post of mine from years ago to get you started with some code to save time:
http://forum.directadmin.com/showthread.php?t=22728&p=118522&highlight=#post118522

 

[ditto]

@sparek, Regarding the API, you have found the documentation at this page?: https://www.directadmin.com/api.php

 

[sparek]

@nick-a Thanks - that looks to be more of what I'm looking for.

@ditto - I looked there... but it doesn't have anything about installing a certificate - at least that I could find.

I hate to be the new guy giving criticism - but it seems like there's a lot of Directadmin documentation just scattered about every where. Like the API calls for installing an SSL that @nick-a linked to. If you know where the link is... then that's great. But if you don't know where the link is, you're kind of lost.

It might benefit me and a lot of others that are coming over from cPanel if all of the documentation was more central. If the API link that @ditto posted actually linked to all of the current API commands that would probably benefit a lot of people.

I hope that doesn't come across as baseless criticism. I believe constructive criticism (that's tactful) can be a benefit to an entire system. And I know Directadmin is seeing a huge influx of cPanel hosters, so it's kind of a sudden shock to all of the Directadmin developers and what all to work on.

 

[ditto]

@sparek, I agree about documentation should be better organized. Currently you have a advantage if you get used to search for it at the right places. Mostly that would be:

https://help.directadmin.com - and this one is very handy to bookmark (but not API related): https://help.directadmin.com/item.php?id=284

And in the changelog there is also a lot of good information added when new features are added, so everything in https://directadmin.com/features.php?id=XXXX where XXXX is the feature ID, you can search for it in search field at the top of this page: https://directadmin.com/versions.php (notice that in search result "Knowledgebase" come first, but scroll down and you see search result from Versions/Changelog.

The good thing is that Google has indexed most if it, so I often use Google spesific searches. Again, I agree that all the information should be organised in a better way, but it likely is a massiv job as this is information gooing back to year 2003.