Directadmin Enable SSL

It's really silly how DA doesn't enable SSL by default but is otherwise a stable, fast and secure control panel.

Here's a copy and paste way of enabling SSL for Directadmin in just a few seconds:

*setup SSL

openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes

That creates the public certificate and private key pair in the location Directadmin expects to find it and with the filenames it expects.

Set the correct permissions

chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

Enable SSL in the config file

sed -i "s/SSL=0/SSL=1/g" /usr/local/directadmin/conf/directadmin.conf

Restart Directadmin

service directadmin restart

Visit https://yourip:2222 and you'll see that SSL is enabled and working, this is again a huge security blunder for Directadmin because there's no excuse for the control panel not to be encrypted by SSL by default.  In fact I don't think any Control Panel should even have the option of connecting without SSL.


Tags:

directadmin, enable, sslit, doesn, ssl, default, panel, enabling, openssl, req, newkey, rsa, keyout, usr, conf, cakey, pem, cacert, nodes, creates, certificate, expects, filenames, permissions, chown, diradmin, chmod, config, sed, quot, restart, https, yourip, ll, enabled, blunder, encrypted, connecting,

Latest Articles

  • Debian and Netplan
  • CentOS 8 how to restart the network!
  • CentOS 8 how to convert to a bootable mdadm RAID software array
  • ADATA USB Thumb Drive Issues
  • KMODE EXCEPTION NOT HANDLED - QEMU/KVM Won't Boot Windows 2016 or 10 Image or Physical Machine
  • Linux Mint / Ubuntu / Debian Mate Disable Guest Session and Hide Usernames on Lightdm Login screen GUI
  • SSH How To Create Public/Private Key Pair and with a Larger Keysize than 2048 bits
  • selenium.common.exceptions.WebDriverException: Message: Can not connect to the Service geckodriver
  • python ModuleNotFoundError: No module named 'bs4' even though you have the module
  • ssh how to connect using a SOCKS 5 proxy with nc and proxycommand
  • Enable AMDGPU Linux Driver
  • apache symlinks denied even with followsymlinks
  • chown how to change ownership on a symlink
  • how to use ifplugd in Linux to execute a command or script when a NIC cable is unplugged or plugged in
  • dd how to backup and restore disk images including compression with gzip
  • mpv / mplayer with Radeon / AMD GPU Video Card Driver enable VDPAU GPU Accelerated Video Decoding
  • Wordpress Reset Blog User Password from MySQL Using Linux Bash and not PHPMyadmin
  • Ubuntu Linux Mint Debian xorg performance and tear-free tuning for AMD Radeon Based Cards
  • Centos 7 Stopped and Disabled Firewalld and ports still blocked
  • MariaDB / MySQL Reset Root Forgotten Password on Centos 7