SSL on https://someuserdomain.com:2222

[NetworkPanda]

When a user installs a certificate on their domain, it works on https://www.someuserdomain.com (when browsing their web site) but if they try to access DirectAdmin via https://www.someuserdomain.com:2222 an SSL error is shown, because it loads the SSL installed for the server hostname, while the browser address bar shows another domain.

Long ago cPanel had the same problem, but they solved it several months ago and it works automatically when accessing https://www.someuserdomain.com:2083. Is any way to do the same for DirectAdmin?

Thanks in advance for any help

 

[epsilon4]

Do you have Lets Encrypt installed?

In order to add SSL to hostname you must follow these commands logged as a root in SSH:

echo "letsencrypt=1" >> /usr/local/directadmin/conf/directadmin.conf

cd /usr/local/directadmin
echo "action=directadmin&value=restart" >> data/task.queue; ./dataskq d2000

cd /usr/local/directadmin/custombuild
./build rewrite_confs
./build update
./build letsencrypt

cd /usr/local/directadmin/scripts
./letsencrypt.sh request_single hostname.yourdomain.com 4096

At this moment you must have SSL installed and configured. If still not working try to restart these services:

service directadmin restart
service httpd restart

 

[NetworkPanda]

Thank you for your reply. We have already done this earlier and Let's Encrypt is installed.
It installs certificates on domains and browsing web sites with HTTPS works.

The problem is that a user cannot access their DirectAdmin via https://theirdomain.com:2222
https://theirdomain.com works (browsing their site) but https://theirdomain.com:2222 instead of showing the DirectAdmin login page, returns an SSL error.

They can login to direct admin only via https://ourserverhostname:2222 (it works fine without any SSL error there).

cPanel allows to access the 2083 port via HTTPS from any domain that is hosted on the server and has a valid SSL certificate for its site, DirectAdmin does not allow this at the moment. This would be needed by resellers who want their clients to log into their panel from the reseller's domain, instead of our domain/hostname.

 

[Richard G]

Yes but that is not what he asked.
The question is if the Directadmin access can be made on the userdomain with ssl.

It's possible by making a redirect, but then it will be pointed by da to https://hostname.serverdomain.com:2222 and this can be achieved by using this link:
https://help.directadmin.com/item.php?id=629 but it would be just easier if it would not redirect and work at https://www.userdomain.com:2222 and it doensn't.

With SSL in effect you can visit DA by using the non-ssl link, without the www in front, so like http://userdomain.com:2222 but then the browser starts wining again at the password field about the unsafe connection.
However, if you want this unsafe connection, you must keep the SSL=0 and not use these lines:
echo "force_hostname=your.hostname.com" >> directadmin.conf
echo "ssl_redirect_host=your.hostname.com" >> directadmin.conf

There is also a way via a vhost I believe, but it would be very nice if it could be made by default that users can just visit https://www.userdomain.com:2222 like requested.

 

[galuh82]

you can try this configuration on directadmin.conf

SSL=0
port=2222
ssl_port=2223

users can have the preferred port to use http or https

 

[Richard G]

That won't work, the letencrypt certificate won't be used that way, because the hostname differs. The setup really has to be changed.

 

[NetworkPanda]

That won't work, the letencrypt certificate won't be used that way, because the hostname differs. The setup really has to be changed.

On cPanel it was working even with Let’s Encrypt, so there should be a way, let’s hope it is done soon on DirectAdmin. Resellers really need it because they want their clients to log into their panel from a URL showing their company domain.

 

[Richard G]

Indeed cPanel had it working in another way, also with autoSSL which I like too. It's a lot nicer.
You can always create a feature request for this.