Difference between revisions of "Let's Encrypt"

Line 2: Line 2:
  
 
== Features ==
 
== Features ==
* Custom domain or subdomain (make sure it resolves to your server's primary IP).
+
* Supports custom domain or subdomain (make sure it resolves to your server's primary IP).
 
** If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net
 
** If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net
 
* Improved speed in file manager uploads and downloads.
 
* Improved speed in file manager uploads and downloads.

Revision as of 14:02, 19 March 2021

TCAdmin 2.0.162 supports automatically creating Let's Encrypt certificates for the control panel website and remote server. This feature requires the MVC control panel.

Features

  • Supports custom domain or subdomain (make sure it resolves to your server's primary IP).
    • If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net
  • Improved speed in file manager uploads and downloads.
    • File manager upload/downloads go directly to the remote server instead of being uploaded to the master first then to the remote.

Requirements

  • Port 80 on the primary IP must be available.
    • [Linux] Port 80 must not be used by other web servers.
    • [Windows] Port 80 may be used by IIS but not by other web servers.

Configure Let's Encrypt

  • Go to Sever Management > Servers > Select your server
  • Under "Let's Encrypt Configuration" check "Enable support for Let's Encrypt"
  • Specify a custom domain or sub domain. If it's not specified it will be generated automatically.
  • Save then select Tools > Restart Monitor.
  • The certificate will be generated in less than 5 minutes.
    • If you didn't specify a domain you should see the autogenerated domain in the server settings after it has been configured correctly.
  • You should be able to access your control panel using https://domain:secureport

How to...

Use the control panel without the port (https://domain)
[Windows] Set the monitor's secure port to 443, save and restart.
[Linux] Edit /home/tcadmin/Monitor/tcadmin-config and set SECURE_WEB_PORT to 443. Then restart the monitor.


Enable Let's Encrypt for many remote servers.
Execute this command on your database:
UPDATE tc_servers SET direct_fileman_allowed=1 WHERE server_id <> 1;
Then go to Server Management > Servers > Restart Remotes.


Force https
Go to Settings > Security Settings. Set SSL Access = All pages
Retrieved from "https://help.tcadmin.com/index.php?title=Let%27s_Encrypt&oldid=2403"