Hint: The procedure that is described below is for ISPConfig versions < 3.0.3. For newer ispconfig versions, use the builtin ssl certificate creation function of the ispconfig updater instead. The steps below should only be used to manually create a new SSL certificate in case that you can not run the updater on your installation.
The ISPConfig controlpanel login is running on http by default. This short tutorial shows you how to enable SSL encryption (https) vor the ispconfig vhost.
1) Make the directory for the SSL certificate:
2) Create the SSL certificate files
openssl genrsa -des3 -out ispserver.key 4096
openssl req -new -key ispserver.key -out ispserver.csr
openssl x509 -req -days 3650 -in ispserver.csr \
-signkey ispserver.key -out ispserver.crt
openssl rsa -in ispserver.key -out ispserver.key.insecure
mv ispserver.key ispserver.key.secure
mv ispserver.key.insecure ispserver.key
3) Enable the mod_ssl module
4) Edit th ISPConfig vhost file
and insert the following lines insert the fallowing lines between the “<VirtualHost ….></VirtualHost>” tags:
5) Restart apache2
The ISPConfig controlpanel login is now reachable on port 8080 by https.
In case that configuration changes does not get written to disk in ISPConfig 3, you should enable the debugging mode.
Login to ISPConfig and go to: System > Server config > Server (name of the server) > Server
and set Logelevl to Debug.
If you use a ISPConfig version < 3.0.2, then debugging has to be enabled in the configuration file:
Edit the ISPConfig configuration file:
and change the line:
$conf["log_priority"] = 2;
$conf["log_priority"] = 0;
The debugging information can be viewed in the system log in the ispconfig monitor and the output is also logged to the file /var/log/ispconfig/ispconfig.log
If you run a multiserver system, then you will have to enable debugging on the slave were the error occurs and not on the master node.
If you experience problems with slow logins in pure-ftpd, this is often caused by a problem with the resolving of the clients hsotname. This happens e.g. when you run a FTP server in your intranet and the hostname of the client computer does not exist in DNS. To disable name resolving in pureftpd, run the command:
echo ‘yes’ > /etc/pure-ftpd/conf/DontResolve
and then restart pure-ftpd
Disabling name resolving also fixes the following error message:
Jul 24 16:26:28 ispconfig pure-ftpd: (?@?) [ERROR] Sorry, invalid address given
ISPConfig 3 has a builtin language editor to easily create translations of the ISPConfig interface.
Creating a new language file set
Login into ISPConfig as admin user. Click on “System” in the upper menu and then on “New Language” in the left menu. As language basis you should always use “en” as this is the master language file set in ISPConfig. In the field “new language” enter the iso code for the language that you want to create, e.g. “de” for german or “fr” for french. The iso code shall be lower case. Then click on the “Create new language file set” button at the bottom of the page.
List of all ISO language codes: http://en.wikipedia.org/wiki/List_of_ISO_639-1_codes
Translating the languge files
Login into ISPConfig as admin user. Click on “System” in the upper menu and then on “Languages” in the left menu. Then select the language that you want to alter in the “Select Language” option field and start the translation by clicking on the langauge file name below and editing the text strings in the form fields. to save the modifications, click on the “Save” button.
Exporting a language file set
The Language editor also contains a function to export language file sets. This is useful if you want to make a copy of your custom language file set before you update ISPConfig or if you like to send a language file set to the ISPConfig developers to be merged into the next release.
To export a language file set, login into ISPConfig as admin user, click on “System” in the upper menu and then on “Languages” > “Export” in the left menu. Select the language that shall be exported and download the language file.
If you like to contribute your translation to the ispconfig project, please send the exported language file by email to dev [at] ispconfig [dot] org
The templates for the configuration files are located in the folder:
The templates for the default index pages are in the folder:
The templates for the error pages are in the folder:
To allow email users in ISPConfig 3 that do not have a client login to change their password, you can use one of these webmail plugins:
Plugin for roundcube:
Plugin for Squirrelmail:
Tutorial about installing the squirrelmail plugin:
This articles describes the renewal of SSL certificates for courier pop3 and imap server. This is nescessary e.g. when the certificates are expired or contain the wrong hostname.
First delete the exsiting certificates:
rm -f /etc/courier/imapd.pem
rm -f /etc/courier/pop3d.pem
Then edit the template that contains the details for the ecrtificates so that the hostname in the certificate matches the hsotanme of your server and that the email address matches your postmaster email address:
and create the new certificates:
Courier pop3 and imap have to be restarted so they pick up the new ecrtificates:
Execute the following commands as root user on the shell:
openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
ISPConfig 2: I have deleted a site/domain and now want to create a new site/domain with the same name but ISPConfig does not allow it.
Most probably the deleted site/domain is still in the recycle bin. You have to delete them first in the recycle bin before you are able to create a new object with that name.
The statistics are updated once a day. Once this has happened the new user can log in.