Installing an SSL certificate for your hostname using LetsEncrypt


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » SSL » Let's Encrypt

Installing an SSL certificate for your hostname using LetsEncryptLast Modified: Dec 22, 2017, 10:36 pm
As of DA 1.50.0, we've added a new feature that allows you to make use of LetsEncrypt, a tool offering free basic SSL certificates.
We've written the script in such a manner that you can also setup SSL for your hostname and all services in one simple command for your hostname:
eg:

cd /usr/local/directadmin/scripts
./letsencrypt.sh request_single your.hostname.com 4096

which will also install the new cert/key/ca files in all respective global places for apache, dovecot, exim, ftp, and DirectAdmin.
NOTE The hostname value, eg: your.hostname.com must match the "servername" value set in the directadmin.conf, or it will not be in hostname mode, but User domain mode instead.

You must then turn on SSL in DA and tell DA to use the carootcert, as well as force the hostname for SSL:

cd /usr/local/directadmin/conf
perl -pi -e 's/SSL=0/SSL=1/' directadmin.conf
echo "carootcert=/usr/local/directadmin/conf/carootcert.pem" >> directadmin.conf
echo "force_hostname=your.hostname.com" >> directadmin.conf
echo "ssl_redirect_host=your.hostname.com" >> directadmin.conf
service directadmin restart



To fully enable the LetsEncrypt feature so that DA will auto-renew the cert, and so clients can create their own certficates for their domain, also add:

letsencrypt=1

to the directadmin.conf, and restart DA.
 
Related Helpfiles
How to check the details of an ssl certificate
I want a multi-domain certificate for my hostname/mailserver using LetsEncrypt
Manually debugging /.well-known/acme-challenge/letsencrypt_12345
How to enable LetsEncrypt

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST