Difference between revisions of "Let's Encrypt"
From TCAdmin 2.0 Documentation
Line 5: | Line 5: | ||
** If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net | ** If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net | ||
* Improved speed in file manager uploads and downloads. | * Improved speed in file manager uploads and downloads. | ||
− | ** | + | ** When using the control panel with https the file manager upload/downloads go directly to the remote server instead of being uploaded to the master first then to the remote. |
== Requirements == | == Requirements == |
Revision as of 14:15, 19 March 2021
TCAdmin 2.0.162 supports automatically creating Let's Encrypt certificates for the control panel website and remote server. This feature requires the MVC control panel.
Features
- Supports custom domain or subdomain (make sure it resolves to your server's primary IP).
- If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net
- Improved speed in file manager uploads and downloads.
- When using the control panel with https the file manager upload/downloads go directly to the remote server instead of being uploaded to the master first then to the remote.
Requirements
- Port 80 on the primary IP must be available.
- [Linux] Port 80 must not be used by other web servers.
- [Windows] Port 80 may be used by IIS but not by other web servers.
Configure Let's Encrypt
- Go to Sever Management > Servers > Select your server
- Under "Let's Encrypt Configuration" check "Enable support for Let's Encrypt"
- Specify a custom domain or sub domain. If it's not specified it will be generated automatically.
- Save then select Tools > Restart Monitor.
- The certificate will be generated in less than 5 minutes.
- If you didn't specify a domain you should see the autogenerated domain in the server settings after it has been configured correctly.
- You should be able to access your control panel using https://domain:secureport
How to...
- Use the control panel without the port (https://domain)
- [Windows] Set the monitor's secure port to 443, save and restart.
- [Linux] Edit /home/tcadmin/Monitor/tcadmin-config and set SECURE_WEB_PORT to 443. Then restart the monitor.
- Enable Let's Encrypt for many remote servers.
- Execute this command on your database:
UPDATE tc_servers SET direct_fileman_allowed=1 WHERE server_id <> 1;
- Then go to Server Management > Servers > Restart Remotes.
- Force https
- Go to Settings > Security Settings. Set SSL Access = All pages