It would be nice if there would be an autoSSL feature (maybe switchable for packages) because SSL is almost always needed these days.
Auto SSL does like run a nightly cronjob and see which new domains are created. For these domains an SSL certificate is requested automatically.
Seems a nice idea for Directadmin too.
This is nothing like cPanel... after many months of using it, I can tell it fails miserably to replace some certs and to renew some certs... I had to create a plugin on my billing software to monitor the certs on each DA server via API and force the replace and renew of the certs... It is far from reliable.
Assuming that DA asks for hostname before even installation (when getting license) and it requires a FQDN when installing, maybe this feature should also auto-create the first SSL for server's hostname when installing DirectAdmin. If someone has a wildcard or any other cert can install it later.
That means the setup need to install letsencrypt and DA needs to automatically trigger this /usr/local/directadmin/letsencrypt.sh request_single "test.server.com" 4096. Because currently letsencrypt is not enabled by default. This is a good idea.
We need an SSL page under admin which gives a list of your domains with expiry date, then with the option to set auto renew or a button to renew now. It would also be useful to allow you to set the hostname and choose SSL.
WHen i try to open SSL Certificates it says... "Cannot Execute Your Request. SSL is not enabled for this domain" Please help. I cannot open SSL Certificates
Please post problems on the forum, not in the feature request section.
You can enable SSL in the package and/or in your domain setup. Further questions on the forum please.
Would be nice to have the issuing of Let's Encrypt certificate done automated.
For instance add it to a queue and once the domain resolves (maybe require a validation DNS record/.well-known system).
we already developed a custom auto SSL running every hours. 1 per day is too long, clients want to have SSL immediately.
That's your own choice ofcourse and a possibility.
DA also has to keep in mind that nobody runs into request limits.
As far as I know cP is als doing it just once aday as far as I know. I'm already glad it gets implemented. ;)
Agreed that this would be great.
Some logic applied would be to have the initial request for SSL performed after a period of time after the domain was created, and if ssl generation fails after a certain amount of attempts then to remove it from the auto ssl list, and change the frequency in which the server tries to apply LE certs to the domain.