Directadmin Services SSL

[LaqueP]

Hello,

I need to update the SSL certificates for the directadmin Services, I try using the .Letsencrypt.sh script, but it return a Lego error:

./letsencrypt.sh request_single server-xx-xxx-xx-xxx.da.direct 4096
missing 'lego' command, it can be installed using CustomBuild with command:
da build install lego

/usr/local/directadmin/scripts/letsencrypt.sh server_cert
missing 'lego' command, it can be installed using CustomBuild with command:
da build install lego


Lego is installed and all the domains auto-renew is working correctly.

I need the SSL for directadmin services to connect third party services.

Anyone know how to solve it?

 

[floyd]

What do you mean by "directadmin services"?

 

[ericosman]

Probably you need to follow this how to

[How-To] Create or change your server's hostname in Directadmin

This is a guide on how to create a correct FQDN hostname on a sever or VPS. I created this newly here in this section, for easier reference and it's also easier to find. There is also another method, but the method described here is another method which is also still very usable. Before you...

forum.directadmin.com

 

[floyd]

I read it as the connection originating from his server. So this would not have anything to do with a SSL certificate on his server or his hostname.

 

[LaqueP]

What do you mean by "directadmin services"?

Im talking about the admin SSL certificates for the different services like DirectAdmin, Exim, Httpd etc... (attached photo)

My Hostname is correctly configured

[root@srvXXXX scripts]# hostname -f
srvXXXXX.hstgr.cloud

But in the SSL certificates the server showed is the .da.direct (attached photo)

I updated the letsencrypt :

[root@srvXXXX custombuild]# ./build letsencrypt
download_cached: using cached '/usr/local/directadmin/custombuild/cache/lego_v4.14.2-SNAPSHOT-cd63b325_linux_amd64.tar.gz' file
lego
################################################################################################################# 100.0%
Lego 4.14.2-SNAPSHOT-cd63b325 Installed.

But when I try to show the lego version it returns:

[root@srvXXXX custombuild]# lego --version
bash: lego: command not found

 

[floyd]

I need the SSL for directadmin services to connect third party services.

If your server is initiating the connection to other third party services then the certificate on your server doesn't matter.

If you mean when others connect to your server then you need the certificate.

lego is not a command.

If you need a certificate for the hostname then you have to do that via the command line. See the DA docs for that. I don't know it from memory.

SSL certificates are installed through the gui but only for domains that are actually hosted on your server.

 

[LaqueP]

If your server is initiating the connection to other third party services then the certificate on your server doesn't matter.

If you mean when others connect to your server then you need the certificate.

lego is not a command.

If you need a certificate for the hostname then you have to do that via the command line. See the DA docs for that. I don't know it from memory.

SSL certificates are installed through the gui but only for domains that are actually hosted on your server.

Hi Floyd;

Thanks for your answer, I follow this article from Directadmin:

Let's Encrypt For Services

But when I try to certificate the host, it return the error below:


./letsencrypt.sh request_single server-xx-xxx-xx-xxx.da.direct 4096

missing 'lego' command, it can be installed using CustomBuild with command:
da build install lego



I tried to find information about, but I can't

 

[floyd]

Did you run "da build install lego"

 

[LaqueP]

Did you run "da build install lego"

Hi Floyd;

Yes, I did from the console and from the panel.

And return installed correctly

 

[ericosman]

Maybe read this:

Version 1.661 | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

But first you need to follow the other tutorial i sended to delete the server-xx-xxx-xx-xxx.da.direct certs.

 

[LaqueP]

Maybe read this:

Version 1.661 | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

But first you need to follow the other tutorial i sended to delete the server-xx-xxx-xx-xxx.da.direct certs.

Hi Ericosman I Just followed the link you sended below, now on DirectAdmin Certifications the SSL shows empty (Photo added)

But when I try to use the command again the result is the same:

/usr/local/directadmin/scripts/letsencrypt.sh server_cert

missing 'lego' command, it can be installed using CustomBuild with command:
da build install lego

 

[ericosman]

What version of Directadmin are you running?

also see

To resolve the 'da build install lego' issue on direct admin while installing the SSL using lets encrypt. Can follow the below steps on your Cloud server.
$ cd /usr/local/directadmin/custombuild/
$ ./build letsencrypt
$ lego --version

Can refer to the below screenshot!
View attachment 7837

 

[Richard G]

Be sure in your external DNS you have an A record for your hostname.
Check if you have a hostname record in your DNS administration (so not in the .cloud domain dns).
Be sure a correct rDNS/PTR record for your hostname exists with your datacenter/vps provider, so where you got the server/vps from.

Then try for fun as root and see what happens, it's the old command:

cd /usr/local/directadmin/scripts
./letsencrypt.sh_request_single srvXXXXX.hstgr.cloud 4096

maybe that works.

Ofcourse replace the XXXX with the correct data.

 

[LaqueP]

Be sure in your external DNS you have an A record for your hostname.
Check if you have a hostname record in your DNS administration (so not in the .cloud domain dns).
Be sure a correct rDNS/PTR record for your hostname exists with your datacenter/vps provider, so where you got the server/vps from.

Then try for fun as root and see what happens, it's the old command:

cd /usr/local/directadmin/scripts
./letsencrypt.sh_request_single srvXXXXX.hstgr.cloud 4096

maybe that works.

Ofcourse replace the XXXX with the correct data.

Is possible to restore the file letsencrypt.sh or download the repository? I broke it.

 

[ericosman]

Custombuild —>build —> LEGO

 

[Richard G]

You can only break it if you edit it.
In the early days it was downloadable now it isn't anymore, only an old version. Always backup things you want to edit.

The scripts are updated on every DA update.
There is a command to force update DA but I forgot it.

However you can try switching versions (stable and current) and it all is well it should have the same effect.
/usr/local/directadmin/directadmin set update_channel stable

And then if nothing is installed automatically (has been a while shince I changed channels):

cd /usr/local/directadmin/custombuild
./build update

When ready, do the same but then the other way around:

/usr/local/directadmin/directadmin set update_channel current
cd /usr/local/directadmin/custombuild
./build update

Then DA is updated again with from the current channel and if all is well the letsencrypt.sh should be normal again.

 

[LaqueP]

You can only break it if you edit it.
In the early days it was downloadable now it isn't anymore, only an old version. Always backup things you want to edit.

The scripts are updated on every DA update.
There is a command to force update DA but I forgot it.

However you can try switching versions (stable and current) and it all is well it should have the same effect.
/usr/local/directadmin/directadmin set update_channel stable

And then if nothing is installed automatically (has been a while shince I changed channels):

cd /usr/local/directadmin/custombuild
./build update

When ready, do the same but then the other way around:

/usr/local/directadmin/directadmin set update_channel current
cd /usr/local/directadmin/custombuild
./build update

Then DA is updated again with from the current channel and if all is well the letsencrypt.sh should be normal again.

O thanks Richard, that works.

But I'm still not able to resolve the problem with the SSL.

When I try to ping srvXXX.hstng.cloud from outside it return unknow host

I follow all the article:
https://forum.directadmin.com/threa...e-your-servers-hostname-in-directadmin.70371/

And I still having the lego problem

missing 'lego' command, it can be installed using CustomBuild with command:
da build install lego

 

[Richard G]

When I try to ping srvXXX.hstng.cloud from outside it return unknow host

You have to fix that first before looking at SSL.

The second screenshot is correct. The hostname record always has no and yes there.

Then the first screenshot.
I always use ns1.domain.com and not ns1.server.domain.com which is something DA might set as default. But if you want it to work, you also have to set this at your registrar then.
A better way is to use this under the domain so just ns1.domain.com and ns2.domain.com makes life a little easier.

If you want to keep it as you have it now, fine too, but then check what you have set under your registrar of that .cloud domain as nameservers.

 

[LaqueP]

You have to fix that first before looking at SSL.

The second screenshot is correct. The hostname record always has no and yes there.

Then the first screenshot.
I always use ns1.domain.com and not ns1.server.domain.com which is something DA might set as default. But if you want it to work, you also have to set this at your registrar then.
A better way is to use this under the domain so just ns1.domain.com and ns2.domain.com makes life a little easier.

If you want to keep it as you have it now, fine too, but then check what you have set under your registrar of that .cloud domain as nameservers.

Very appreciate for your help.

I tried a lot of things to use the hostname provided by hostinger, but something strange happens on the installation.

All the certificates point to hostname server-89-116-52-173.da.direct

the default name servers was ns1.server-89-116-52-173.da.direct and ns2.server-89-116-52-173.da.direct

When I ping to this hostname it points an IP from other hosting.

I don't know what happening, the PTR record from the IP returns the correct name server from Hostinger.

I modified the name servers like you said and reboot the system, but this hostname doesn't resolve.

What do you think I can check more?

 

[floyd]

I tried a lot of things to use the hostname provided by hostinger, but something strange happens on the installation.

Actually it was provided by the installation of DirectAdmin. You should change this to your own hostname. How to do that is in the DA docs.