Ssl and mail problems

O

orfe

New member
Joined
Sep 21, 2023
Messages
13
Hi,
I've recently purchased directadmin and still trying to learn it. I've installed my server like panel.mydomain.org created private name servers from registrar like ns1.mydomain.org, ns2.mydomain.org and redirect them to my computer ip (actually another computer in my lan). Also added domain panel.mydomain.com before these to enable auto ssl there but the problem is it goes to default blank page as if it is another domain i created, not to login screen.

So if i type
http://panel.mydomain.org:2222 login page opens but no ssl
if i type
https://panel.mydomain.org default web page opens not login page
if i type
https://panel.mydomain.org:2222/ it gives ssl error ERR_SSL_PROTOCOL_ERROR
what should i do in order to open my login page with ssl? (my router's 53,80,443,2222 ports are open and directed to the servers internal ip)

what should i do? any help is appreciated
Thanks in advance
 
I did not use Directadmin on a LAN yet. But I would start (if you not already have done so) to create an SSL page for your hostname.

1.) Did you create a seperate DNS entry for panel.mydomain.org? If not, you might want to do so. Can be done as admin via DNS Administration. Add dns entry like a domain so panel.mydomain.org and the ip and both your nameservers.
2.) After that, go to /etc/virtual and check that the directory panel.mydomain.org is present there, if not then create it (sometimes due to bug it's not created) and chown it to mail.
3.) Be sure your hostname is in full in /etc/hosts file, if not enter it there like:
xx.xx.xx.xx panel.mydomain.org panel
where xx.xx.xx.xx is the required ip address.
4.) Doublecheck your hostname is fqdn with these commands:
hostname hostname -f
both should give panel.mydomain.org as output.
5.) Create an SSL certificate for your hostname:
Code: 
cd /usr/local/directadmin/custombuild/scripts
./letsencrypt.sh request_single panel.mydomain.org 4096

After that, see if things start to work.
 
You don't have to set that anymore. That's a default setting nowadays, same as mail_sni=1 wich is also defaulted to 1.
 
Richard G said:
I did not use Directadmin on a LAN yet. But I would start (if you not already have done so) to create an SSL page for your hostname.

1.) Did you create a seperate DNS entry for panel.mydomain.org? If not, you might want to do so. Can be done as admin via DNS Administration. Add dns entry like a domain so panel.mydomain.org and the ip and both your nameservers.
2.) After that, go to /etc/virtual and check that the directory panel.mydomain.org is present there, if not then create it (sometimes due to bug it's not created) and chown it to mail.
3.) Be sure your hostname is in full in /etc/hosts file, if not enter it there like:
xx.xx.xx.xx panel.mydomain.org panel
where xx.xx.xx.xx is the required ip address.
4.) Doublecheck your hostname is fqdn with these commands:
hostname hostname -f
both should give panel.mydomain.org as output.
5.) Create an SSL certificate for your hostname:
Code: 
cd /usr/local/directadmin/custombuild/scripts
./letsencrypt.sh request_single panel.mydomain.org 4096

After that, see if things start to work.
Click to expand...
Thanks for the quick reply
1) I have 2 ns entry for panel.mydomain.org pointing to ns1.mydomain.org and ns2.mydomain.org (added at the registrar)
2) panel.mydomain.org exists in /etc/virtual
3) it is there like this:
192.168.10.5 panel.mydomain.com panel
4) yes both commands gives it.
5) it has a certificate already but when i type in https://panel.mydomain.org it goes to default starter web page with ssl working if i put :2222 it gives error, if i type http://panel.mydomain.org:2222 it goes but without ssl
 
toml said:
If that was the case, his non ssl attempt to connect to port 2222 would have failed to show the login page
Click to expand...
According to the docs it's on by default.
However, it can't hurt trying anyway, you could be right and the docs could be wrong, wouldn't be the first time that would be the case.

Could you try adding ssl=1 in /usr/local/directadmin/conf/directadmin.conf @orfe if not already present, then restart directadmin and see if that fixes the issue?

How about https://mydomain.org:2222 does that work or don't you have that domain added yet?
 
Richard G said:
According to the docs it's on by default.
However, it can't hurt trying anyway, you could be right and the docs could be wrong, wouldn't be the first time that would be the case.

Could you try adding ssl=1 in /usr/local/directadmin/conf/directadmin.conf @orfe if not already present, then restart directadmin and see if that fixes the issue?

How about https://mydomain.org:2222 does that work or don't you have that domain added yet?
Click to expand...
ssl=1 trick worked thanks guys
 
You must log in or register to reply here.
Back
Top