SSL for ISPconfig

Discussion in 'Installation/Configuration' started by florix.net, Oct 11, 2017.

  1. florix.net

    florix.net Member

    Hi,

    I have a domain dazzpay.com, I have enabled letsencrpyt ssl and it's working fine.

    When I try to access ispconfig on this domain it gives ssl error.

    https://www.dazzpay.com:8080/

    how do I enable ssl for ispconfig using such domains?
     
  2. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    go to /usr/local/ispconfig/interface/ssl folder
    Code:
    rm ispserver.bundle
    rm ispserver.crt
    rm ispserver.key
    ln -s /etc/letsencrypt/live/www.dazzpay.com/chain.pem ispserver.bundle
    ln -s /etc/letsencrypt/live/www.dazzpay.com/cert.pem ispserver.crt
    ln -s /etc/letsencrypt/live/www.dazzpay.com/privkey.pem ispserver.key
    
    reload webserver and don't create new ssl cert when asked during update process
     
  3. florix.net

    florix.net Member

    Thank you for your quick response.

    i have following files

    empty.dir
    ispserver.crt
    ispserver.csr
    ispserver.key
    ispserver.key.secure


    [[email protected] ssl]# ls -l /etc/letsencrypt/live/dazz.co.in/

    lrwxrwxrwx 1 root root 39 Oct 2 11:40 cert.pem -> ../../archive/dazz.co.in/cert1.pem
    lrwxrwxrwx 1 root root 40 Oct 2 11:40 chain.pem -> ../../archive/dazz.co.in/chain1.pem
    lrwxrwxrwx 1 root root 44 Oct 2 11:40 fullchain.pem -> ../../archive/dazz.co.in/fullchain1.pem
    lrwxrwxrwx 1 root root 42 Oct 2 11:40 privkey.pem -> ../../archive/dazz.co.in/privkey1.pem
    -
     
  4. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    in my above instructions just replace the domain part with where you want to access ISPConfig.
    If you don't have that LE certificate for that yet, you'd need to setup a website with LE first in order to link to them.
     
  5. florix.net

    florix.net Member

    I have already added LE certificate and its working fine for that domain.
    when i access ispconfig on that domain, we get unauthorised ssl error.

    Files in my LE folder
    [[email protected] ssl]# ls -l /etc/letsencrypt/live/dazz.co.in/
    cert.pem
    chain.pem
    fullchain.pem
    privkey.pem

    What I am trying to show is different names of files in my LE than you suggested
     
  6. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    you have the files I suggested right there ( chain.pem, cert.pem, privkey.pem ) my startingpoint was
    Code:
    cd /usr/local/ispconfig/interface/ssl 
    and remove the ispserver.* files and replace them with symlinks to the files in your letsencrypt folder - the 2nd param of the ln -s is the target filename.

    If you link ssl certs for /dazz.co.in/ and use www.dazzpay.com to login there will be a SSL error except you have some kind of beta-test for wildcard/multi-domain ssl certs
     

Share This Page