Direct opes with HTTP instead of HTTPS

jcritch

Verified User
Joined
Dec 31, 2019
Messages
10
Location
Washington
I just installed DirectAdmin and opened the GUI but the instructions show https://. I cannot open it that way. But http:// works. What did I not install? I know, a cert but shouldn't it have installed with the installation files?
 

CanadaGuy

Verified User
Joined
Nov 14, 2019
Messages
158
By default DA doesn't include setup for HTTPS out of the box (I think this is a huge oversight). If you have an FQDN for your server, you can immediately run the following to get a Let's Encrypt certificate for your server name and log in with that:


The above help page does exactly what you need if your server has a FQDN.

Alternatively, you can use to create a self-signed certificate:


The steps are reproduced here with a few notes and details for clarity:

Generate key pair:
Code:
/usr/bin/openssl req -x509 -sha256 -newkey rsa:4096 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9000 -nodes
Secure key pair:
Code:
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem
Enable SSL:
Code:
./directadmin set ssl 1
Restart DA (CentOS 8 and others):
Code:
systemctl restart directadmin
To install a certificate acquired from elsewhere, I do the following:

Code:
cd /usr/local/directadmin
touch conf/cakey.pem
touch conf/cacert.pem
touch conf/carootcert.pem
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

***copy certs***

cd /usr/local/directadmin
./directadmin set ssl 1
./directadmin set carootcert /usr/local/directadmin/conf/carootcert.pem

systemctl restart directadmin
SSL redirect is also available and is done with the following:
Code:
cd /usr/local/directadmin
./directadmin set ssl_redirect_host server.example.com
where server.example.com is your server hostname.
 
Top