Direct opes with HTTP instead of HTTPS

[jcritch]

I just installed DirectAdmin and opened the GUI but the instructions show https://. I cannot open it that way. But http:// works. What did I not install? I know, a cert but shouldn't it have installed with the installation files?

 

[CanadaGuy]

By default DA doesn't include setup for HTTPS out of the box (I think this is a huge oversight). If you have an FQDN for your server, you can immediately run the following to get a Let's Encrypt certificate for your server name and log in with that:

https://help.directadmin.com/item.php?id=629

The above help page does exactly what you need if your server has a FQDN.

Alternatively, you can use to create a self-signed certificate:

https://help.directadmin.com/item.php?id=15

The steps are reproduced here with a few notes and details for clarity:

Generate key pair:

/usr/bin/openssl req -x509 -sha256 -newkey rsa:4096 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9000 -nodes

Secure key pair:

chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

Enable SSL:

./directadmin set ssl 1

Restart DA (CentOS 8 and others):

systemctl restart directadmin

To install a certificate acquired from elsewhere, I do the following:

cd /usr/local/directadmin
touch conf/cakey.pem
touch conf/cacert.pem
touch conf/carootcert.pem
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

***copy certs***

cd /usr/local/directadmin
./directadmin set ssl 1
./directadmin set carootcert /usr/local/directadmin/conf/carootcert.pem

systemctl restart directadmin

SSL redirect is also available and is done with the following:

cd /usr/local/directadmin
./directadmin set ssl_redirect_host server.example.com

where server.example.com is your server hostname.

 

[jcritch]

Thank you. That was what I was looking for.