This tutorial describes the steps to renew the SSL Certificate of the ISPConfig 3 control panel. There are two alternative ways to achieve that:
- Create a new OpenSSL Certificate and CSR on the command line with OpenSSL.
- Renew the SSL Certificate with the ISPConfig updater
I'll start with the manual way to renew the ssl cert.
1) Create a new ISPConfig 3 SSL Certificate with OpenSSL
Login to your server on the shell as root user. Before we create a new SSL Cert, backup the current ones. SSL Certs are security sensitive so I'll store the backup in the /root/ folder.
tar pcfz /root/ispconfig_ssl_backup.tar.gz /usr/local/ispconfig/interface/ssl
chmod 600 /root/ispconfig_ssl_backup.tar.gz
Now create a new SSL Certificate key, Certificate Request (csr) and a self signed Certificate.
openssl genrsa -des3 -out ispserver.key 4096
openssl req -new -key ispserver.key -out ispserver.csr
openssl x509 -req -days 3650 -in ispserver.csr \
-signkey ispserver.key -out ispserver.crt
openssl rsa -in ispserver.key -out ispserver.key.insecure
mv ispserver.key ispserver.key.secure
mv ispserver.key.insecure ispserver.key
Restart Apache to load the new SSL Certificate.
service apache2 restart
2) Renew the SSL Certificate with the ISPConfig installer
The alternative way to get a new SSL Certificate is to use the ISPConfig update script.
Download ISPConfig to the /tmp folder, unpack the archive and start the update script.
tar xvfz ISPConfig-3-stable.tar.gz
php -q update.php
The update script will ask the following question during update:
Create new ISPConfig SSL certificate (yes,no) [no]:
Answer "yes" here and the SSL Certificate creation dialog will start.
FFmpeg has been removed from Ubuntu 14.04 and was replaced by Libav. This decision has been reversed so that FFmpeg is available now in Ubuntu 15.04 again, but there is still no official package for 14.04. In this tutorial, I will show you how to install FFmpeg from mc3man ppa. Add the mc3man ppa:
sudo add-apt-repository ppa:mc3man/trusty-media
And confirm the following message by pressing <enter>:
Also note that with apt-get a sudo apt-get dist-upgrade is needed for initial setup & with some package upgrades
More info: https://launchpad.net/~mc3man/+archive/ubuntu/trusty-media
Press [ENTER] to continue or ctrl-c to cancel adding it
Update the package list.
sudo apt-get update
sudo apt-get dist-upgrade
Now FFmpeg is available to be installed with apt:
sudo apt-get install ffmpeg
Follow these steps to disable IPv6 on CentOS. Edit the /etc/sysctl.conf file, I will use the nano editor here:
And add the following line at the end of the file:
net.ipv6.conf.all.disable_ipv6 = 1
to load the new settings.
The next step is to edit the network card configuration file (/etc/sysconfig/network-scripts/ifcfg-eth*) and add or edit the setting IPV6INIT so that it is set to "no".
Now edit the file /etc/sysconfig/network:
And set the NETWORKING_IPV6 option to "no":
Then restart the server.
Examples on how to add Linux users to groups with simple shell commands for CentOS, Debian and Ubuntu. Continue reading Linux: Add user to Group
The Linux tar command is the swiss army of the Linux admin when it comes to archiving or distributing files. Gnu Tar archives can contain multiple files and directories, file permissions can be preserved and it supports multiple compression formats. The name tar stands for "Tape Archiver", the format is an official POSIX standard. Continue reading The tar command explained
You might have to remove an existing GPT partition table from a hard disk when you install another OS like Windows which can't cope with GPT or like in my case, when you want to add an HDD into a RAID were the other disks use the traditional MBR partition table.
Continue reading How to remove a GPT partition table from HDD
High page speed and short page load times of your website are essential for good search engine rankings today. In this FAQ, I will show you how to enable caching of graphic and CSS files in apache on Ubuntu and Debian.
The first step is to enable the expires module in apache:
a2enmod headers expires
This module allows the apache web server to set HTTP headers, in this case, to set the modification header for static assets like image and CSS files that don't change often.
Add the following config snippet inside the vhost file of the web site or at the end of the file /etc/apache2/apache2.conf to enable it globally.
Header set Cache-Control "max-age=3024000, public"
Finally reload apache to apply the configuration change.
service apache2 reload
On ISPConfig 3 servers, the snippet can be added in the "Apache Directives" field of the website instead. There is no apache reload required as ISPConfig takes care about that.
Today I will outline the options to kill an unresponsive OpenVZ container.
Continue reading How to kill an OpenVZ Container?
Jailkit is an easy to use tool to create and maintain jail environments for shell users on Linux. In this guide, I will show you how to move PHP and its dependencies into the jail so that the jailed user can execute PHP scripts inside the jail.
Continue reading How to add PHP support for jailed SSH users in ISPConfig 3
Sometimes you might want to download an entire website e.g. to archive it or read it offline. This tutorial will show you which application can be used on Windows and Linux.
Continue reading How can I download an entire website?