Directadmin Enable SSL

It's really silly how DA doesn't enable SSL by default but is otherwise a stable, fast and secure control panel.

Here's a copy and paste way of enabling SSL for Directadmin in just a few seconds:

*setup SSL

openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes

That creates the public certificate and private key pair in the location Directadmin expects to find it and with the filenames it expects.

Set the correct permissions

chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

Enable SSL in the config file

sed -i "s/SSL=0/SSL=1/g" /usr/local/directadmin/conf/directadmin.conf

Restart Directadmin

service directadmin restart

Visit https://yourip:2222 and you'll see that SSL is enabled and working, this is again a huge security blunder for Directadmin because there's no excuse for the control panel not to be encrypted by SSL by default.  In fact I don't think any Control Panel should even have the option of connecting without SSL.


Tags:

directadmin, enable, sslit, doesn, ssl, default, panel, enabling, openssl, req, newkey, rsa, keyout, usr, conf, cakey, pem, cacert, nodes, creates, certificate, expects, filenames, permissions, chown, diradmin, chmod, config, sed, quot, restart, https, yourip, ll, enabled, blunder, encrypted, connecting,

Latest Articles

  • Linux ln symlink how to update existing symbolic link
  • Ubuntu 18.04 / Linux Mint 19.1 Cannot Type or Login - solution
  • LUKS Hard Drive Encryption on Linux Mint Ubuntu Debian etc how to mount encrypted hard drive
  • How to use nmap locate other machines/computers/servers on your network using nmap
  • Linux Mint 18.2 Create Config File To Start Application Upon Login
  • Dell Wyse Thin Client BIOS Access Key
  • sudoers file in /etc warning about comments/includes!
  • Centos 7 Reallocate logical volume space to another
  • lvm how to reduce volume size
  • letsencrypt certbot error "Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80."
  • SSH error cannot Forward or Listen "bind: Cannot assign requested address"
  • X11 SSH Linux Forwarding Error
  • Using Microsoft's Group Policy Management Editor (GPME) To Change Default Permissions and Internet Explorer Security Settings
  • Thunderbird How To Disable An Email Account
  • iptables linux firewall recommended rules for public computing
  • LVM How To Create Pool (dynamically allocated and not fully allocated)
  • VMWare Pro Workstation Nic Disconnected and No IP Using NAT
  • Linux How To Create A RamDisk
  • mdadm force resync when resync=PENDING solution
  • Proxmox Breaks Storage/LVM Backing If Killing QEMU-IMG