Let's Encrypt

TCAdmin now supports automatically creating Let's Encrypt certificates for the control panel website and remote server. This feature requires the MVC control panel.

Features

  • Custom domain or subdomain (make sure it resolves to your server's primary IP).
    • If you don't specify a subdomain the primary IP's reverse DNS name will be used. If this fails it will fall back to [server-ip].dyn.tcadmin.net
  • File manager upload/downloads go directly to the remote server instead of being uploaded to the master first then to the remote.

Requirements

  • Port 80 must be available.
    • [Linux] Port 80 must not be used by other web servers.
    • [Windows] Port 80 may be used by IIS but not by other web servers.


Configure Let's Encrypt

  • Go to Sever Management > Servers > Select your server
  • Under "Let's Encrypt Configuration" check "Enable support for Let's Encrypt"
  • Specify a custom domain or sub domain. If it's not specified it will be generated automatically.
  • Save then select Tools > Restart Monitor.
  • The certificate will be generated in less than 5 minutes. If you didn't specify a domain you should see the autogenerated domain in the server settings.
  • You should be able to access your control panel using https://domain:secureport

How to...

Use the control panel without the port (https://domain)
[Windows] Set the monitor's secure port to 443, save and restart.
[Linux] Edit /home/tcadmin/Monitor/tcadmin-config and set SECURE_WEB_PORT to 443. Then restart the monitor.


Enable Let's Encrypt for many remote servers.
Execute this command on your database:
UPDATE tc_servers SET direct_fileman_allowed=1 WHERE server_id <> 1;
Then go to Server Management > Servers > Restart Remotes.


Force https
Go to Settings > Security Settings. Set SSL Access = All pages
Retrieved from "https://help.tcadmin.com/index.php?title=Let%27s_Encrypt&oldid=2396"