Let's Encrypt
From TCAdmin 2.0 Documentation
TCAdmin now supports automatically creating Let's Encrypt certificates for the control panel website and remote server. This feature requires the MVC control panel.
Features
- Custom domain or subdomain (make sure it resolves to your server's primary IP).
- If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net
- File manager upload/downloads go directly to the remote server instead of being uploaded to the master first then to the remote.
Requirements
- Port 80 must be available.
- [Linux] Port 80 must not be used by other web servers.
- [Windows] Port 80 may be used by IIS but not by other web servers.
Configure Let's Encrypt
- Go to Sever Management > Servers > Select your server
- Under "Let's Encrypt Configuration" check "Enable support for Let's Encrypt"
- Specify a custom domain or sub domain. If it's not specified it will be generated automatically.
- Save then select Tools > Restart Monitor.
- The certificate will be generated in less than 5 minutes. If you didn't specify a domain you should see the autogenerated domain in the server settings.
- You should be able to access your control panel using https://domain:secureport
How to...
- Use the control panel without the port (https://domain)
- [Windows] Set the monitor's secure port to 443, save and restart.
- [Linux] Edit /home/tcadmin/Monitor/tcadmin-config and set SECURE_WEB_PORT to 443. Then restart the monitor.
- Enable Let's Encrypt for many remote servers.
- Execute this command on your database:
UPDATE tc_servers SET direct_fileman_allowed=1 WHERE server_id <> 1;
- Then go to Server Management > Servers > Restart Remotes.