Link SSL certificates
SSL in DirectAdmin (versions may differ in setup)
Added in DirectAdmin for the server:
# /usr/local/directadmin/scripts/letsencrypt.sh server_cert
(https://help.directadmin.com/item.php?id=629)
Source of certificate:
/usr/local/directadmin/data/users/[username]/domains/[domain.com].key
/usr/local/directadmin/data/users/[username]/domains/[domain.com].cert
/usr/local/directadmin/data/users/[username]/domains/[domain.com].cacert
/usr/local/directadmin/data/users/[username]/domains/[domain.com].cert.combined
Create symlinks with:
ln -sf /path/to/filetolinkto /path/to/linktocreate
Webserver Apache level:
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCACertificateFile /etc/httpd/conf/ssl.crt/server.ca
Controlpanel DirectAdmin level:
/usr/local/directadmin/conf/cakey.pem
/usr/local/directadmin/conf/cacert.pem
/usr/local/directadmin/conf/carootcert.pem
Webserver Nginx level:
when proxy: /etc/httpd/conf/ssl.crt/server.crt.combined
in case being used: /etc/nginx/ssl.crt/server.crt.combined
Mail Transfer Agent Exim level:
/etc/exim.key (private key)
/etc/exim.cert (certificate followed by bundle)
IMAP / POP3 server Dovecot:
in /etc/dovecot/conf/ssl.conf and /etc/dovecot/conf/sni/[domain.com].conf
/etc/exim.key
/etc/exim.cert
in my setup leading to:
/usr/local/directadmin/data/users/[username]/domains/[domain.com].key
/usr/local/directadmin/data/users/[username]/domains/[domain.com].cert.combined
ProFTPd:
/etc/proftpd.conf easily links to the exim certificate files.
Note: I needed in /etc/ssh/ for restart of ProFTPd: chmod 600 ssh_host_rsa_key
Pure-FTPd:
/etc/pure-ftpd.pem cannot easily link to one file containing private key followed by certificate and bundle.
Let’s Encrypt renewal time:
/usr/local/directadmin/data/users/[username]/domains/[domain.com].cert.creation_time
Let’s Encrypt server renewal data (I did symlink them from user data):
/usr/local/directadmin/conf/ca.san_config
/usr/local/directadmin/conf/ca.csr
/usr/local/directadmin/conf/cacert.pem.creation_time
/usr/local/directadmin/conf/cakey.pem
/usr/local/directadmin/conf/cacert.pem /usr/local/directadmin/conf/carootcert.pem
SSL in PHP and for database connections is not in my scope right now
set up for ODBC is on a separate page