Hint: The procedure that is described below is for ISPConfig versions < 3.0.3. For newer ispconfig versions, use the builtin ssl certificate creation function of the ispconfig updater instead. The steps below should only be used to manually create a new SSL certificate in case that you can not run the updater on your installation.
The ISPConfig control panel login was running on HTTP by default on early ISPConfig 3 versions. This short tutorial shows how to enable SSL encryption (HTTPS) for the ispconfig vhost.
1) Make the directory for the SSL certificate:
mkdir /usr/local/ispconfig/interface/ssl
cd /usr/local/ispconfig/interface/ssl
2) Create the SSL certificate files
openssl genrsa -des3 -out ispserver.key 4096 openssl req -new -key ispserver.key -out ispserver.csr openssl x509 -req -days 3650 -in ispserver.csr \ -signkey ispserver.key -out ispserver.crt openssl rsa -in ispserver.key -out ispserver.key.insecure mv ispserver.key ispserver.key.secure mv ispserver.key.insecure ispserver.key
3) Enable the mod_ssl module
a2enmod ssl
4) Edit th ISPConfig vhost file
nano /etc/apache2/sites-available/ispconfig.vhost
and insert the following lines insert the fallowing lines between the "<VirtualHost ....></VirtualHost>" tags:
SSLEngine On SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
5) Restart apache2
service apache2 restart
The ISPConfig control panel login is now reachable on port 8080 by HTTPS.