Install SSL for ISPConfig Control Panel
To add SSL for ISPConfig control panel, add the server hostname as a website in ISPConfig and enable the LetsEnrypt checkbox. You can find the server hostname with the command
1 |
hostname -f |
That will get SSL installed for your hostname. You need to point the server hostname to the server’s IP address to get SSL certificate. Visit server hostname subdomain in a browser and verify SSL works.
Once you have a valid LetsEncrypt SSL certificate installed on your site, create a file
1 2 |
mkdir /usr/serverok/ vi /usr/serverok/ssl-hostname-renew |
Add the following content to the file
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
#!/bin/bash cat /etc/letsencrypt/live/$(hostname -f)/fullchain.pem > /usr/local/ispconfig/interface/ssl/ispserver.crt cat /etc/letsencrypt/live/$(hostname -f)/privkey.pem > /usr/local/ispconfig/interface/ssl/ispserver.key cat /usr/local/ispconfig/interface/ssl/ispserver.{key,crt} > /usr/local/ispconfig/interface/ssl/ispserver.pem chmod 600 /usr/local/ispconfig/interface/ssl/ispserver.pem systemctl restart apache2 cat /usr/local/ispconfig/interface/ssl/ispserver.crt > /etc/postfix/smtpd.cert cat /usr/local/ispconfig/interface/ssl/ispserver.key > /etc/postfix/smtpd.key service postfix restart service dovecot restart cat /usr/local/ispconfig/interface/ssl/ispserver.pem > /etc/ssl/private/pure-ftpd.pem chmod 600 /etc/ssl/private/pure-ftpd.pem service pure-ftpd-mysql restart |
If you use nginx webserver, replace apache2 with nginx.
Make the script executable
1 |
chmod 755 /usr/serverok/ssl-hostname-renew |
Run the script to activate SSL for the ISPConfig control panel, FTP, and mail server.
1 |
/usr/serverok/ssl-hostname-renew |
Now set a cronjob
1 |
crontab -e |
Add
1 |
@weekly /usr/serverok/ssl-hostname-renew > /dev/null |
Now you should be able to access ISPConfig with a valid SSL certificate on URL
1 |
https://HOSTNAME:8080 |
Back to ISPconfig