Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    DirectAdmin + OpenLiteSpeed & SSL Configuration : Help Needed
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    DirectAdmin + OpenLiteSpeed & SSL Configuration : Help Needed

    Mahfuz_SS_EHLMahfuz_SS_EHL Member, Provider

    Hi,

    I'm running DirectAdmin Panel with OpenLiteSpeed Web Server.

    But for TLS Version & SSLCiphers, there are two references:

    https://www.directadmin.com/features.php?id=2442
    https://help.directadmin.com/item.php?id=571

    I followed the first link & set |?SSLPROTOCOL=24| which disabled TLS v1.1 & v1.2 but I can set specific ciphers. What are the variables / methods to set specific ciphers there & enable OCSP Stapling ?? There are not so many references / tutorials.

    Seeking community help.

    Thanks.

    AlphaSSL Revocation Issue is being investigated.

    Comments

    • Thanked by 1ViridWeb
      * Centmin Mod Project (HTTP/2 support + ngx_pagespeed + Nginx Lua + Vhost Stats)
      * Centmin Mod LEMP Stack Quick Install Guide
    • vladjvladj Member

      Do you mind to check this request with Direct Admin support ?

    • I've confirmed the sslProtocol works via the token override , but for any settings that are not currently controlled by tokens, just add that raw command into the id=2442 guide's related file, as needed. (See the CUSTOM6 token to 'insert' code into the vhssl {} section)

      For any global OLS templates (instead of per-User/pre-Domain), you'd use the CustomBuild templates instead in:

      /usr/local/directadmin/custombuild/configure/openlitespeed/conf/*

      except copy any files you need to modify into:
      /usr/local/directadmin/custombuild/custom/openlitespeed/conf/*

      which get copied overtop of whatever gets installed, so you'd only need the singular files to edit.

      Thanked by 1Shoaib_A
    • Mahfuz_SS_EHLMahfuz_SS_EHL Member, Provider

      @DA_Mark said:
      I've confirmed the sslProtocol works via the token override , but for any settings that are not currently controlled by tokens, just add that raw command into the id=2442 guide's related file, as needed. (See the CUSTOM6 token to 'insert' code into the vhssl {} section)

      For any global OLS templates (instead of per-User/pre-Domain), you'd use the CustomBuild templates instead in:

      /usr/local/directadmin/custombuild/configure/openlitespeed/conf/*

      except copy any files you need to modify into:
      /usr/local/directadmin/custombuild/custom/openlitespeed/conf/*

      which get copied overtop of whatever gets installed, so you'd only need the singular files to edit.

      I could set ciphers & stapling till now. But I can't set the followings:

      SSLHonorCipherOrder On
      SSLCompression offSSL
      SSLSessionTickets Off

      Because I don't know the keyword of them. LiteSpeed is different than generalized Apache config.

      AlphaSSL Revocation Issue is being investigated.

    • If you're trying to insert those3 variables into the "vhssl{}" section of the per-domain template, you could insert it into the CUSTOM6 token by creating:
      /usr/local/directadmin/data/templates/custom/openlitespeed_vhost.conf.CUSTOM.6.pre

      with code:
      SSLHonorCipherOrder On
      SSLCompression Off
      SSLSessionTickets Off

      Then rewrite the configs:
      cd /usr/local/directadmin/custombuild
      ./build rewrite_confs

      If you have issues, please create a ticket, and one of our techs can assist you there.

    Sign In or Register to comment.