Install SSL for ISPConfig Control Panel

To add SSL for ISPConfig control panel, add the server hostname as a website in ISPConfig and enable the LetsEnrypt checkbox. You can find the server hostname with the command

hostname -f

That will get SSL installed for your hostname. You need to point the server hostname to the server’s IP address to get SSL certificate. Visit server hostname subdomain in a browser and verify SSL works.

Once you have a valid LetsEncrypt SSL certificate installed on your site, create a file

mkdir /usr/serverok/
vi /usr/serverok/ssl-hostname-renew

Add the following content to the file

#!/bin/bash

cat /etc/letsencrypt/live/$(hostname -f)/fullchain.pem > /usr/local/ispconfig/interface/ssl/ispserver.crt
cat /etc/letsencrypt/live/$(hostname -f)/privkey.pem > /usr/local/ispconfig/interface/ssl/ispserver.key
cat /usr/local/ispconfig/interface/ssl/ispserver.{key,crt} > /usr/local/ispconfig/interface/ssl/ispserver.pem
chmod 600 /usr/local/ispconfig/interface/ssl/ispserver.pem
systemctl restart apache2

cat /usr/local/ispconfig/interface/ssl/ispserver.crt > /etc/postfix/smtpd.cert
cat /usr/local/ispconfig/interface/ssl/ispserver.key > /etc/postfix/smtpd.key
service postfix restart
service dovecot restart

cat /usr/local/ispconfig/interface/ssl/ispserver.pem > /etc/ssl/private/pure-ftpd.pem
chmod 600 /etc/ssl/private/pure-ftpd.pem
service pure-ftpd-mysql restart

If you use nginx webserver, replace apache2 with nginx.

Make the script executable

chmod 755 /usr/serverok/ssl-hostname-renew

Run the script to activate SSL for the ISPConfig control panel, FTP, and mail server.

/usr/serverok/ssl-hostname-renew

Now set a cronjob

crontab -e

Add

@weekly /usr/serverok/ssl-hostname-renew > /dev/null

Now you should be able to access ISPConfig with a valid SSL certificate on URL

https://HOSTNAME:8080

Back to ISPconfig

Need help with Linux Server or WordPress? We can help!

Leave a Reply

Your email address will not be published. Required fields are marked *