Serious issue after migrating many accounts from other DA server, some SSL stop working and no way to bulk rebuild it?

W

wdc

Verified User
Joined
Dec 8, 2013
Messages
77
Hello,

three years ago i have faced it and today again.
DirectAdmin (or cPanel 3 years ago) full backups was restored in bulk (using reseller DA accoun restore function) and significant number of domains from many accounts are showing: SSL_ERROR_BAD_CERT_DOMAIN instead of a website and clients are complaining.

SOLUTION: One would expect that
A) DA will automatically fix it after restore (by generating new LetsEncrypt SSL)
B) cronjob (daily?) that periodically checks SSL will automatically fix it generating new LetsEncrypt SSL. cPanel AutoSSL automatically assign signed certificate to the non ssl domains.
C) i can ask server admin to run certain script or function to do this task manually on all my resold accounts that belong to my reseller account.

3 years ago, i was told "You will need to login to each account and assign SSL via Let's Encrypt as we do not have AutoSSL on DirectAdmin."

So how it is now. Do i have to manually login like 80 accounts and do SSL for each of its domain?!

Thank You
PS: if you have access to DA ticket system, consider submitting a ticket for this, maybe mentioning number here.
 
wdc said:
Hello , here you go

Automatically set up Let's Encrypt SSL for all domains that do not currently have a certificate​

The new Let's Encrypt feature is a great way to easily secure your website connections at no cost. If you already have many websites that you want to secure all at once, you can use the autoletsencrypt.sh script to do this.

After you've enabled Let's Encrypt on the system, you can install certificates for all domains using the following script:

cd /root
wget -O autoletsencrypt.sh http://files.directadmin.com/services/all/letsencrypt/autoletsencrypt.sh
chmod 755 autoletsencrypt.sh
./autoletsencrypt.sh
Click to expand...
 
Hello,

If one does sets this up, is it a one time addition of Let's Encrypt SSL to the sites needing it? Or will any sites added to the server going forward then attempt to set up SSL automatically?
 
CharlesWorks said:
Or will any sites added to the server going forward then attempt to set up SSL automatically?
Click to expand...
No that's only for already existing sites which do not have SSL yet, provided that ssl and LE are enabled in directadmin.conf and that the users package also has SSL enabled.

If you want to create the autossl feature for future domains, you can enable it. There are some things which need to be checked, or maybe changed, so best is to have a look here.

Automatic SSL Certificates | Directadmin Docs

DirectAdmin Knowledge Base
docs.directadmin.com
 
@wdc -- we do have this level of automation through the Admin SSL feature, where there is automatic background scanning for old/expired/invalid certificates. Please see this section of our documentation for the requirements & functionality of Admin SSL.

@CharlesWorks I just got beat to the answer by @Richard G. He's correct that you should check out Automatic SSL.
 
You must log in or register to reply here.
Back
Top