As of version 1.50.0, DirectAdmin supports letsencrypt. Using this free initiative, it is possible to secure your domain without purchasing an expensive certificate. The benefit of DirectAdmin's implementation is that it automatically updates the certificate. The certificates from letsencrypt are only valid for 90 days, and after 85 days DirectAdmin tries to renew this automatically.
How to enable Let's Encrypt in DirectAdmin
- To enable letsencrypt, make sure that you are at least running version 1.50.0.
- Open /usr/local/directadmin/conf/directadmin.conf and add the following:
- According to the official instructions, you need to run to following to enable verification of the domain. In our case, this did not work so we have added in addition step 4.
- Open /etc/httpd/conf/extra/httpd-alias.conf and check if the following line exists. If not, add the line and also add the line to /usr/local/directadmin/custombuild/custom/ap2/conf/extra/httpd-alias.conf.
Alias /.well-known "/var/www/html/.well-known"
- Restart Apache.
- Restart DirectAdmin to make sure that it is using the latest configuration.
Let's encrypt is now enabled for you and your clients. If you have disabled SSL by default for every user, click here to see how to enable SSL in DirectAdmin for every user.