Directadmin Enable SSL

It's really silly how DA doesn't enable SSL by default but is otherwise a stable, fast and secure control panel.

Here's a copy and paste way of enabling SSL for Directadmin in just a few seconds:

*setup SSL

openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes

That creates the public certificate and private key pair in the location Directadmin expects to find it and with the filenames it expects.

Set the correct permissions

chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

Enable SSL in the config file

sed -i "s/SSL=0/SSL=1/g" /usr/local/directadmin/conf/directadmin.conf

Restart Directadmin

service directadmin restart

Visit https://yourip:2222 and you'll see that SSL is enabled and working, this is again a huge security blunder for Directadmin because there's no excuse for the control panel not to be encrypted by SSL by default.  In fact I don't think any Control Panel should even have the option of connecting without SSL.


Tags:

directadmin, enable, sslit, doesn, ssl, default, panel, enabling, openssl, req, newkey, rsa, keyout, usr, conf, cakey, pem, cacert, nodes, creates, certificate, expects, filenames, permissions, chown, diradmin, chmod, config, sed, quot, restart, https, yourip, ll, enabled, blunder, encrypted, connecting,

Latest Articles

  • Linux Ubuntu Cannot Print Large Images
  • Cannot Print PDF Solution and Howto Resize
  • Linux Console Login Screen TTY Change Message
  • Apache Cannot Start Listening Already on 0.0.0.0
  • MySQL Bash Query to pipe input directly without using heredoc trick
  • CentOS 6 and 7 / RHEL Persistent DHCP Solution
  • Debian Ubuntu Mint rc-local service startup error solution rc-local.service: Failed at step EXEC spawning /etc/rc.local: Exec format error
  • MySQL Cheatsheet Guide and Tutorial
  • bash script kill whois or other command that is running for too long
  • Linux tftp listens on all interfaces and IPs by DEFAULT Security Risk Hole Solution
  • python import docx error
  • Cisco Unified Communications Manager Express Cheatsheet CUCME CME
  • Linux Ubuntu Debian Missing privilege separation directory: /var/run/sshd
  • bash how to count the number of columns or words in a line
  • bash if statement how to test program output without assigning to variable
  • RTNETLINK answers: Network is unreachable
  • Centos 7 how to save iptables rules like Centos 6
  • nfs tuning maximum amount of connections
  • qemu-kvm error "Could not initialize SDL(No available video device) - exiting"
  • Centos 7 tftpd will not work with selinux enabled