This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
31
CentOS Configuration / How to setup user quotas ?
« on: September 09, 2014, 09:59:48 PM »
Let's say that your /home partition is in / mount point
install quota on your centos
Edit: /etc/fstab
replace "defaults" with "usrjquota=quota.user,jqfmt=vfsv0" for / mount point
Before (in some cases this can be different!):
If you have /home in /etc/fstab then you will need to edit line matching /home
replace "defaults" with "usrjquota=quota.user,jqfmt=vfsv0" for /home mount point
Before:
Now you need to add this into the CWP Configuration
How to check if quota works ?
Set a quota for all users by package from cwp
If you had previously added users then you will need to update the quota for them, you can do that by clicking on each account edit and then saving changes, or you can edit packages and save them for all users.
XFS Quota (only for XFS file system!!!)
edit file: /etc/fstab and add usrquota,grpquota example:
/dev/mapper/centos_root-home /home xfs defaults,usrquota,grpquota 0 0
before example
Activate quota as XFS for /home
in CWP.admin go to Left Menu -> Server Settings --> Disk Quota , and set
Quota Partition: /home
Quota Type: xfs
reboot the server
Next, activate quota for all accounts
in cwp.admin go to Left Menu -> Packages -> List Packages
edit all packages you have and select "Update Quota" to set the quota for all accounts using this package.
How to check if /home is mounted with quota
=============
XFS: In some cases, you would also need to modify grub conf if the above fails
If you see "noquota" in the xfs mount options for the / partition then you would need to modify file: /etc/default/grub
Find the line with the variable "GRUB_CMDLINE_LINUX" and at end of the line add: "rootflags=uquota,pquota"
Example:
Make backup and create grub config for boot
now reboot the server
after reboot run API to set quota for all users
Note: If you want emails and user home to be under the same quota then /var/vmail and /home need to be on the same partition.
install quota on your centos
Code: [Select]
yum install quota
Edit: /etc/fstab
Code: [Select]
vi /etc/fstab
replace "defaults" with "usrjquota=quota.user,jqfmt=vfsv0" for / mount point
Before (in some cases this can be different!):
Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647 / ext3 defaults 1 1
After Replace: Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647 / ext3 usrjquota=quota.user,jqfmt=vfsv0 1 1
Code: [Select]
mount -o remount /
quotacheck -avugm
quotaon -avug
If you have /home in /etc/fstab then you will need to edit line matching /home
replace "defaults" with "usrjquota=quota.user,jqfmt=vfsv0" for /home mount point
Before:
Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647 /home ext3 defaults 1 1
After Replace: Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647 /home ext3 usrjquota=quota.user,jqfmt=vfsv0 1 1
Code: [Select]
mount -o remount /home
quotacheck -avugm
quotaon -avug
Now you need to add this into the CWP Configuration
Code: [Select]
mkdir -p /usr/local/cwp/.conf/
echo "/home" > /usr/local/cwp/.conf/quota_part.conf
How to check if quota works ?
Code: [Select]
repquota -a
This will display you user limitsSet a quota for all users by package from cwp
Code: [Select]
/scripts/cwp_api account update_diskquota_all
If you had previously added users then you will need to update the quota for them, you can do that by clicking on each account edit and then saving changes, or you can edit packages and save them for all users.
XFS Quota (only for XFS file system!!!)
Code: [Select]
yum -y install quota quota-devel
edit file: /etc/fstab and add usrquota,grpquota example:
/dev/mapper/centos_root-home /home xfs defaults,usrquota,grpquota 0 0
before example
Code: [Select]
/dev/mapper/centos_root-home /home xfs defaults 0 0
aftere exampleCode: [Select]
/dev/mapper/centos_root-home /home xfs defaults,usrquota,grpquota 0 0
Activate quota as XFS for /home
in CWP.admin go to Left Menu -> Server Settings --> Disk Quota , and set
Quota Partition: /home
Quota Type: xfs
reboot the server
Next, activate quota for all accounts
in cwp.admin go to Left Menu -> Packages -> List Packages
edit all packages you have and select "Update Quota" to set the quota for all accounts using this package.
How to check if /home is mounted with quota
Code: [Select]
mount |grep home
if you have there listed usrquota,grpquota for /home then all should work fine.=============
XFS: In some cases, you would also need to modify grub conf if the above fails
Code: [Select]
# mount | grep ' / '
/dev/mapper/cl-root on / type xfs (rw,relatime,attr2,inode64,noquota)
If you see "noquota" in the xfs mount options for the / partition then you would need to modify file: /etc/default/grub
Find the line with the variable "GRUB_CMDLINE_LINUX" and at end of the line add: "rootflags=uquota,pquota"
Example:
Code: [Select]
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=cl/root rd.lvm.lv=cl/swap rhgb quiet rootflags=uquota,pquota"
Make backup and create grub config for boot
Code: [Select]
cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig
grub2-mkconfig -o /boot/grub2/grub.cfg
echo xfs > /usr/local/cwp/.conf/quota_type.conf
now reboot the server
Code: [Select]
reboot
after reboot run API to set quota for all users
Code: [Select]
/scripts/cwp_api account update_diskquota_all
Note: If you want emails and user home to be under the same quota then /var/vmail and /home need to be on the same partition.
32
SSL / How to install multiple SSL certificates on shared IP
« on: August 20, 2014, 01:56:28 PM »
How to install multiple SSL certificates on shared IP
Now you can have unlimited number of SSL certificates on one shared IP address (no additional IP's are needed)
autoSSL Valid SSL Certificate (no exception needs to be added in your browser)
1. go to SSL Manager and install this Certificate for user/domain/subdomain you need.
Install SSL Certificate (Self Singed - exception needs to be added in your browser)
1. Use CWP SSL Generator (in admin are under Security) for generating your SSL key and SelfSinged Certificate.
2. go to SSL Manager and install this Certificate for user and path which you need it
Great Now you Have installed Self Singed SSL Certificate
Install Browser Valid SSL Certificate (no exception needs to be added in your browser)
1. Use CWP SSL Generator (in admin are under Security) for generating your SSL key and SelfSinged Certificate.
2. You will get SSL output and now you will need buy SSL Certificate providing output of "BEGIN CERTIFICATE REQUEST" to SSL seller company.
3.Once you have received new SSL Certificate from valid seller you can install it by clicking on "Browse installed SSL Certificates" in CWP SSL Generator
and edit file "/etc/pki/tls/certs/DOMAIN.COM.cert"
4. go to SSL Manager and install this Certificate for user and path which you need it
Great Now you Have installed Valid SSL Certificate
** Don't forget to download your SSL Certificate and KEY from the server to your local computer for backup!!!
** Don't forget to check if your Apache is Listening on the port 443!!!
Use the following site for SSL check
https://www.sslshopper.com/ssl-checker.html
Now you can have unlimited number of SSL certificates on one shared IP address (no additional IP's are needed)
autoSSL Valid SSL Certificate (no exception needs to be added in your browser)
1. go to SSL Manager and install this Certificate for user/domain/subdomain you need.
Install SSL Certificate (Self Singed - exception needs to be added in your browser)
1. Use CWP SSL Generator (in admin are under Security) for generating your SSL key and SelfSinged Certificate.
2. go to SSL Manager and install this Certificate for user and path which you need it
Great Now you Have installed Self Singed SSL Certificate
Install Browser Valid SSL Certificate (no exception needs to be added in your browser)
1. Use CWP SSL Generator (in admin are under Security) for generating your SSL key and SelfSinged Certificate.
2. You will get SSL output and now you will need buy SSL Certificate providing output of "BEGIN CERTIFICATE REQUEST" to SSL seller company.
3.Once you have received new SSL Certificate from valid seller you can install it by clicking on "Browse installed SSL Certificates" in CWP SSL Generator
and edit file "/etc/pki/tls/certs/DOMAIN.COM.cert"
4. go to SSL Manager and install this Certificate for user and path which you need it
Great Now you Have installed Valid SSL Certificate
** Don't forget to download your SSL Certificate and KEY from the server to your local computer for backup!!!
** Don't forget to check if your Apache is Listening on the port 443!!!
Use the following site for SSL check
https://www.sslshopper.com/ssl-checker.html
33
DNS Manager / How to use FreeDNS Manager
« on: July 29, 2014, 01:40:23 PM »
How to use FreeDNS Manager?
1. Register on FreeDNS Manager website
http://freedns.centos-webpanel.com
2. Point you domain to the following nameservers (at your domain registrar):
ns1.centos-webpanel.com
ns2.centos-webpanel.com
3. add your domain on FreeDNS (enter following):
- Zone/Domain: your domain name, example: mydomain.com
- Web Server IP: your server IP, example: 121.122.123.124
- Mail Server IP: your server IP, example: 121.122.123.124
- FTP Server IP: your server IP, example: 121.122.123.124
Great now you have set your FreeDNS!
test your domain records by visiting following link and entering your domain name
http://leafdns.com/
1. Register on FreeDNS Manager website
http://freedns.centos-webpanel.com
2. Point you domain to the following nameservers (at your domain registrar):
ns1.centos-webpanel.com
ns2.centos-webpanel.com
3. add your domain on FreeDNS (enter following):
- Zone/Domain: your domain name, example: mydomain.com
- Web Server IP: your server IP, example: 121.122.123.124
- Mail Server IP: your server IP, example: 121.122.123.124
- FTP Server IP: your server IP, example: 121.122.123.124
Great now you have set your FreeDNS!
test your domain records by visiting following link and entering your domain name
http://leafdns.com/
34
How to / How to enable root access on Microsoft Azure Cloud
« on: July 09, 2014, 01:01:24 PM »
How to enable root access on Microsoft Azure Cloud.
1. Login via ssh using your sudo user
2. Now login as root user
3. check if root access is set (LOCK means that root access is disabled)
4. enable root access (as root user enter command passwd)
now enter your password and root access is enabled, you can check this by using command "grep root /etc/shadow"
1. Login via ssh using your sudo user
2. Now login as root user
Code: [Select]
sudo su -
3. check if root access is set (LOCK means that root access is disabled)
Code: [Select]
[root@Linux ~]# grep root /etc/shadow
root:*LOCK*:14600::::::
4. enable root access (as root user enter command passwd)
Code: [Select]
[root@Linux ~]# passwd
now enter your password and root access is enabled, you can check this by using command "grep root /etc/shadow"
35
How to / How to change cwpsrvd Listen port (CWP)
« on: July 07, 2014, 04:19:16 PM »
If you need to change cwpsrv Listen port you can do that by editing following files:
Here you can edit default cwp admin ports 2030,2031,2086,2087
to get Line number us this command
don't forget that you need to add your new ports in CSF Firewall and restart cwpsrv using this command.
For user panel you can edit this file
/usr/local/cwpsrv/conf.d/users.conf
Note that these changes are not recommended as update can overwrite them.
Here you can edit default cwp admin ports 2030,2031,2086,2087
Code: [Select]
nano /usr/local/cwpsrv/conf/cwpsrv.conf
to get Line number us this command
Code: [Select]
grep -n listen /usr/local/cwpsrv/conf/cwpsrv.conf
don't forget that you need to add your new ports in CSF Firewall and restart cwpsrv using this command.
Code: [Select]
sh /scripts/restart_cwpsrv
For user panel you can edit this file
/usr/local/cwpsrv/conf.d/users.conf
Note that these changes are not recommended as update can overwrite them.
36
How to / how to change memory_limit in php.ini
« on: July 02, 2014, 12:41:27 AM »
how to change memory_limit in php.ini ?
With CWP this is very simple:
go to menu --> PHP Settings --> PHP Simple Editor
here you can edit sa view mostly used settings from php.ini file.
Mostly used settings are:
memory_limit
upload_max_filesize
post_max_size
max_execution_time
display_errors
date.timezone (change php time zone)
With CWP this is very simple:
go to menu --> PHP Settings --> PHP Simple Editor
here you can edit sa view mostly used settings from php.ini file.
Mostly used settings are:
memory_limit
upload_max_filesize
post_max_size
max_execution_time
display_errors
date.timezone (change php time zone)
37
How to / how to rebuild all apache virtual hosts
« on: July 02, 2014, 12:13:09 AM »
how to rebuild all apache virtual hosts at once?
1. Edit Apache vHosts Template according to your needs (default is fine) | Path: Apache Settings --> Apache vHosts Template
2. Check your server shared ip and apache port which you want to use. | Path CWP Settings --> Edit Settings
3. go to menu Apache Settings --> Rebuild Apache vHosts , check all details and click on "Rebuild All Apache vHosts" button.
once all is done check output and if apache started without any errors.
that is it!
1. Edit Apache vHosts Template according to your needs (default is fine) | Path: Apache Settings --> Apache vHosts Template
2. Check your server shared ip and apache port which you want to use. | Path CWP Settings --> Edit Settings
3. go to menu Apache Settings --> Rebuild Apache vHosts , check all details and click on "Rebuild All Apache vHosts" button.
once all is done check output and if apache started without any errors.
that is it!
38
How to / how to check my current MySQL root password
« on: June 29, 2014, 07:55:00 AM »
how to change my current MySQL root password
Go to phpMyAdmin --> Users Tab
- Click on Edit Privileges for root user
- go to Change password section --> Generate a New Password and click on the Go button.
Now you need to set this new password in the configuration files.
You can use this command from shell:
and edit also this file
To check the password you the instructions bellow.
You can use this command from shell:
or this one
Go to phpMyAdmin --> Users Tab
- Click on Edit Privileges for root user
- go to Change password section --> Generate a New Password and click on the Go button.
Now you need to set this new password in the configuration files.
You can use this command from shell:
Code: [Select]
nano /root/.my.cnf
and edit also this file
Code: [Select]
nano /usr/local/cwpsrv/htdocs/admin/include/db_conn.php
To check the password you the instructions bellow.
You can use this command from shell:
Code: [Select]
grep password /root/.my.cnf
or this one
Code: [Select]
grep db_pass /usr/local/cwpsrv/htdocs/admin/include/db_conn.php
39
How to / how to secure CentOS server using CWP features
« on: June 29, 2014, 07:43:20 AM »
how to secure CentOS server using CWP features
1. Enable CSF Firewall (in CWP.root in security menu you have CSF Firewall)
2. Change SSH port
3. Enable ModSecurity with OWASP security rules
4. Use only random generated passwords
How to enable CSF Firewall
In your CWP menu go to Security --> CSF Firewall and click on firewall enable
How to change SSH port
In your CWP menu go to Services Config --> SSH Configuration
now replace #22 with eg. 8404 and restart ssh server on index page of the CWP
You will need to add this port also in CSF Firewall
1. go to Security --> CSF Firewall --> Firewall Configuration
2. replace TCP_IN and TCP_OUT port 22 with your port
3. restart CSF Firewall
cut from configuration
How to Install ModSecurity with OWASP security rules
In your CWP menu go to Security --> Mod Security and click on Install Mod Security
Use only random generated passwords
One of the most important things is to ALWAYS use random generated passwords with length 8+ characters.
CWP also has built in random password generator which will generate random password for each new account on creation.
One of best tools for that is here:
https://www.random.org/passwords/
Random passwords needs to be used for all public services like:
- CMS applications like Wordpress admin user
- FTP Passwords
- Email Account Passwords
- Account passwords
... and any other available on the internet
1. Enable CSF Firewall (in CWP.root in security menu you have CSF Firewall)
2. Change SSH port
3. Enable ModSecurity with OWASP security rules
4. Use only random generated passwords
How to enable CSF Firewall
In your CWP menu go to Security --> CSF Firewall and click on firewall enable
How to change SSH port
In your CWP menu go to Services Config --> SSH Configuration
now replace #22 with eg. 8404 and restart ssh server on index page of the CWP
You will need to add this port also in CSF Firewall
1. go to Security --> CSF Firewall --> Firewall Configuration
2. replace TCP_IN and TCP_OUT port 22 with your port
3. restart CSF Firewall
cut from configuration
Code: [Select]
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2030,2031"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443,2030,2031"
How to Install ModSecurity with OWASP security rules
In your CWP menu go to Security --> Mod Security and click on Install Mod Security
Use only random generated passwords
One of the most important things is to ALWAYS use random generated passwords with length 8+ characters.
CWP also has built in random password generator which will generate random password for each new account on creation.
One of best tools for that is here:
https://www.random.org/passwords/
Random passwords needs to be used for all public services like:
- CMS applications like Wordpress admin user
- FTP Passwords
- Email Account Passwords
- Account passwords
... and any other available on the internet
40
How to / how to create new user account on CentOS Web Panel
« on: June 29, 2014, 07:22:12 AM »
how to create new user account on CentOS Web Panel [CWP]
1. Login to your CWP.root (Admin Area)
2. Click on User Accounts
3. Click on New Account (Create a New Account)
4. Fill new account form (Domain,Username, Password, Package, Email address, Backup)
Account Creation Will do the following
- Create New Account with shell disabled
- Add Configuration for a domain in apache config file (suPHP,suExec, Domain path)
- Create public_html folder (used for uploading public scripts)
- install default template (index.html file)
- restart/reload apache configuration
- Create and reload DNS zone for a domain
Now you can upload your files using ftp login details of the account.
suPHP requires following permissions
Folders: 755
Files: 644
1. Login to your CWP.root (Admin Area)
2. Click on User Accounts
3. Click on New Account (Create a New Account)
4. Fill new account form (Domain,Username, Password, Package, Email address, Backup)
Account Creation Will do the following
- Create New Account with shell disabled
- Add Configuration for a domain in apache config file (suPHP,suExec, Domain path)
- Create public_html folder (used for uploading public scripts)
- install default template (index.html file)
- restart/reload apache configuration
- Create and reload DNS zone for a domain
Now you can upload your files using ftp login details of the account.
suPHP requires following permissions
Folders: 755
Files: 644
41
Information / CentOS Server Log Files Location
« on: June 13, 2014, 03:56:31 PM »
CWP Login Logs
/var/log/cwp_login.log
Apache server Logs location:
/usr/local/apache/logs/
suPHP Log
/var/log/suphp.log
PHP Rebuild Log (PHP Switcher)
/var/log/php-rebuild.log
Postfix
/var/log/maillog
Dovecot
/var/log/dovecot-debug.log
/var/log/dovecot-info.log
/var/log/dovecot.log
How to View Logs?
You can use File Manger in CWP as one of the options
To live monitor logs you can user this command
/var/log/cwp_login.log
Apache server Logs location:
/usr/local/apache/logs/
suPHP Log
/var/log/suphp.log
PHP Rebuild Log (PHP Switcher)
/var/log/php-rebuild.log
Postfix
/var/log/maillog
Dovecot
/var/log/dovecot-debug.log
/var/log/dovecot-info.log
/var/log/dovecot.log
How to View Logs?
You can use File Manger in CWP as one of the options
Code: [Select]
cat /full/path/to/file.name
Code: [Select]
less /full/path/to/file.name
Code: [Select]
nano /full/path/to/file.name
Code: [Select]
vi /full/path/to/file.name
Code: [Select]
vim /full/path/to/file.name
To live monitor logs you can user this command
Code: [Select]
tail -f /full/path/to/file.name
42
PHP / suPHP - 500 Internal Server Error
« on: June 13, 2014, 03:26:53 PM »
This error is usually related to a permissions/ownership issue.
suPHP requires that the files are owned by the user name. Permissions on php files should also be set to 644 (-rw-r-r-), folder permission must be 755.
How to change ownership on the files and folders
option no.2.
For one file eg. /home/test/public_html/index.php
For all files in /home/test/public_html folder (RECOMMENDED)
How to change permissions on the files and folders
For one file eg. /home/test/public_html/index.php
For all files in /home/test/public_html folder (RECOMMENDED)
If not of the above helps than you can check .htaccess file
you can check, disable, rename .htaccess file as rules inside this file can cause this issue.
You can also tail/monitor error log using command
suPHP requires that the files are owned by the user name. Permissions on php files should also be set to 644 (-rw-r-r-), folder permission must be 755.
How to change ownership on the files and folders
Quote
option no.1. (this will fix all permissions for the user account)
go to CWP menu --> User Accounts -- > Fix Permissions and select user
option no.2.
For one file eg. /home/test/public_html/index.php
Code: [Select]
chown USERNAME:USERNAME /home/test/public_html/index.php
For all files in /home/test/public_html folder (RECOMMENDED)
Code: [Select]
chown -R USERNAME:USERNAME /home/test/public_html/*
How to change permissions on the files and folders
For one file eg. /home/test/public_html/index.php
Code: [Select]
chmod 644 /home/test/public_html/index.php
For all files in /home/test/public_html folder (RECOMMENDED)
Code: [Select]
cd /home/test/public_html
find . -type f -exec chmod 644 {} \;
If not of the above helps than you can check .htaccess file
you can check, disable, rename .htaccess file as rules inside this file can cause this issue.
You can also tail/monitor error log using command
Code: [Select]
tail -f /usr/local/apache/logs/error_log
43
Addons / Linux Shoutcast Manager - How to install shoutcast server
« on: June 12, 2014, 11:15:59 PM »
In CWP you can install shoutcast server in few clicks, in CWP menu go to Plugins and than ShoutCast Manager.
- Install Shoutcast server
**This will create linux user named "shoutcast" which will be used to run shoutcast servers in screen.
- Remove Shoutcast server
**This option will delete all servers and "shoutcast" linux user.
- Installing additional server servers
**This will create additional folder locations and shoutcast server files.
- Template folder is used to copy data when creating new server and you can modify it. [DO NOT DELETE THIS FOLDER]
Please remember that shoutcast servers use 2 ports always
eg.
if you create server with port 8000 it will also work on port 8001 (accepts connections).
Creating servers example
Server1 on port 8000
Server2 on port 8002
Server3 on port 8004
If you have enabled CSF Firewall you will need to open shoutcast port and port +1.
Server not starting known issues
- Install Shoutcast server
**This will create linux user named "shoutcast" which will be used to run shoutcast servers in screen.
- Remove Shoutcast server
**This option will delete all servers and "shoutcast" linux user.
- Installing additional server servers
**This will create additional folder locations and shoutcast server files.
- Template folder is used to copy data when creating new server and you can modify it. [DO NOT DELETE THIS FOLDER]
Please remember that shoutcast servers use 2 ports always
eg.
if you create server with port 8000 it will also work on port 8001 (accepts connections).
Creating servers example
Server1 on port 8000
Server2 on port 8002
Server3 on port 8004
If you have enabled CSF Firewall you will need to open shoutcast port and port +1.
Server not starting known issues
Code: [Select]
yum -y install screen glibc.i686 glibc.i386
44
Information / CWP Version updates
« on: June 06, 2014, 09:36:56 PM »
If you have versions from 0.1 to 0.7 than you can not upload to newer as there are too many differences from version 0.8 like:
- config file locations
- apache location
- php location
- CWP server different type and location
...
Versions 0.8 + have automatic updates to the latest one available.
- config file locations
- apache location
- php location
- CWP server different type and location
...
Versions 0.8 + have automatic updates to the latest one available.
45
SSL / SSL Certificate Country Codes
« on: June 05, 2014, 07:26:21 PM »
SSL Certificate Country Codes
Find your Country Code from the list provided below
Country Codes are required when creating a Certificate Signing Request. The SSL Certificate Country Codes that you need to enter when creating your CSR are as follows:
US United States of America
CA Canada
AX Åland Islands
AD Andorra
AE United Arab Emirates
AF Afghanistan
AG Antigua and Barbuda
AI Anguilla
AL Albania
AM Armenia
AN Netherlands Antilles
AO Angola
AQ Antarctica
AR Argentina
AS American Samoa
AT Austria
AU Australia
AW Aruba
AZ Azerbaijan
BA Bosnia and Herzegovina
BB Barbados
BD Bangladesh
BE Belgium
BF Burkina Faso
BG Bulgaria
BH Bahrain
BI Burundi
BJ Benin
BM Bermuda
BN Brunei Darussalam
BO Bolivia
BR Brazil
BS Bahamas
BT Bhutan
BV Bouvet Island
BW Botswana
BZ Belize
CA Canada
CC Cocos (Keeling) Islands
CF Central African Republic
CH Switzerland
CI Cote D'Ivoire (Ivory Coast)
CK Cook Islands
CL Chile
CM Cameroon
CN China
CO Colombia
CR Costa Rica
CS Czechoslovakia (former)
CV Cape Verde
CX Christmas Island
CY Cyprus
CZ Czech Republic
DE Germany
DJ Djibouti
DK Denmark
DM Dominica
DO Dominican Republic
DZ Algeria
EC Ecuador
EE Estonia
EG Egypt
EH Western Sahara
ER Eritrea
ES Spain
ET Ethiopia
FI Finland
FJ Fiji
FK Falkland Islands (Malvinas)
FM Micronesia
FO Faroe Islands
FR France
FX France, Metropolitan
GA Gabon
GB Great Britain (UK)
GD Grenada
GE Georgia
GF French Guiana
GG Guernsey
GH Ghana
GI Gibraltar
GL Greenland
GM Gambia
GN Guinea
GP Guadeloupe
GQ Equatorial Guinea
GR Greece
GS S. Georgia and S. Sandwich Isls.
GT Guatemala
GU Guam
GW Guinea-Bissau
GY Guyana
HK Hong Kong
HM Heard and McDonald Islands
HN Honduras
HR Croatia (Hrvatska)
HT Haiti
HU Hungary
ID Indonesia
IE Ireland
IL Israel
IM Isle of Man
IN India
IO British Indian Ocean Territory
IS Iceland
IT Italy
JE Jersey
JM Jamaica
JO Jordan
JP Japan
KE Kenya
KG Kyrgyzstan
KH Cambodia
KI Kiribati
KM Comoros
KN Saint Kitts and Nevis
KR Korea (South)
KW Kuwait
KY Cayman Islands
KZ Kazakhstan
LA Laos
LC Saint Lucia
LI Liechtenstein
LK Sri Lanka
LS Lesotho
LT Lithuania
LU Luxembourg
LV Latvia
LY Libya
MA Morocco
MC Monaco
MD Moldova
ME Montenegro
MG Madagascar
MH Marshall Islands
MK Macedonia
ML Mali
MM Myanmar
MN Mongolia
MO Macau
MP Northern Mariana Islands
MQ Martinique
MR Mauritania
MS Montserrat
MT Malta
MU Mauritius
MV Maldives
MW Malawi
MX Mexico
MY Malaysia
MZ Mozambique
NA Namibia
NC New Caledonia
NE Niger
NF Norfolk Island
NG Nigeria
NI Nicaragua
NL Netherlands
NO Norway
NP Nepal
NR Nauru
NT Neutral Zone
NU Niue
NZ New Zealand (Aotearoa)
OM Oman
PA Panama
PE Peru
PF French Polynesia
PG Papua New Guinea
PH Philippines
PK Pakistan
PL Poland
PM St. Pierre and Miquelon
PN Pitcairn
PR Puerto Rico
PS Palestinian Territory
PT Portugal
PW Palau
PY Paraguay
QA Qatar
RE Reunion
RO Romania
RS Serbia
RU Russian Federation
RW Rwanda
SA Saudi Arabia
SB Solomon Islands
SC Seychelles
SE Sweden
SG Singapore
SH St. Helena
SI Slovenia
SJ Svalbard and Jan Mayen Islands
SK Slovak Republic
SL Sierra Leone
SM San Marino
SN Senegal
SR Suriname
ST Sao Tome and Principe
SU USSR (former)
SV El Salvador
SZ Swaziland
TC Turks and Caicos Islands
TD Chad
TF French Southern Territories
TG Togo
TH Thailand
TJ Tajikistan
TK Tokelau
TM Turkmenistan
TN Tunisia
TO Tonga
TP East Timor
TR Turkey
TT Trinidad and Tobago
TV Tuvalu
TW Taiwan
TZ Tanzania
UA Ukraine
UG Uganda
UM US Minor Outlying Islands
US United States
UY Uruguay
UZ Uzbekistan
VA Vatican City State (Holy See)
VC Saint Vincent and the Grenadines
VE Venezuela
VG Virgin Islands (British)
VI Virgin Islands (U.S.)
VN Viet Nam
VU Vanuatu
WF Wallis and Futuna Islands
WS Samoa
YE Yemen
YT Mayotte
ZA South Africa
ZM Zambia
COM US Commercial
EDU US Educational
GOV US Government
INT International
MIL US Military
NET Network
ORG Non-Profit Organization
ARPA Old style Arpanet
Find your Country Code from the list provided below
Country Codes are required when creating a Certificate Signing Request. The SSL Certificate Country Codes that you need to enter when creating your CSR are as follows:
US United States of America
CA Canada
AX Åland Islands
AD Andorra
AE United Arab Emirates
AF Afghanistan
AG Antigua and Barbuda
AI Anguilla
AL Albania
AM Armenia
AN Netherlands Antilles
AO Angola
AQ Antarctica
AR Argentina
AS American Samoa
AT Austria
AU Australia
AW Aruba
AZ Azerbaijan
BA Bosnia and Herzegovina
BB Barbados
BD Bangladesh
BE Belgium
BF Burkina Faso
BG Bulgaria
BH Bahrain
BI Burundi
BJ Benin
BM Bermuda
BN Brunei Darussalam
BO Bolivia
BR Brazil
BS Bahamas
BT Bhutan
BV Bouvet Island
BW Botswana
BZ Belize
CA Canada
CC Cocos (Keeling) Islands
CF Central African Republic
CH Switzerland
CI Cote D'Ivoire (Ivory Coast)
CK Cook Islands
CL Chile
CM Cameroon
CN China
CO Colombia
CR Costa Rica
CS Czechoslovakia (former)
CV Cape Verde
CX Christmas Island
CY Cyprus
CZ Czech Republic
DE Germany
DJ Djibouti
DK Denmark
DM Dominica
DO Dominican Republic
DZ Algeria
EC Ecuador
EE Estonia
EG Egypt
EH Western Sahara
ER Eritrea
ES Spain
ET Ethiopia
FI Finland
FJ Fiji
FK Falkland Islands (Malvinas)
FM Micronesia
FO Faroe Islands
FR France
FX France, Metropolitan
GA Gabon
GB Great Britain (UK)
GD Grenada
GE Georgia
GF French Guiana
GG Guernsey
GH Ghana
GI Gibraltar
GL Greenland
GM Gambia
GN Guinea
GP Guadeloupe
GQ Equatorial Guinea
GR Greece
GS S. Georgia and S. Sandwich Isls.
GT Guatemala
GU Guam
GW Guinea-Bissau
GY Guyana
HK Hong Kong
HM Heard and McDonald Islands
HN Honduras
HR Croatia (Hrvatska)
HT Haiti
HU Hungary
ID Indonesia
IE Ireland
IL Israel
IM Isle of Man
IN India
IO British Indian Ocean Territory
IS Iceland
IT Italy
JE Jersey
JM Jamaica
JO Jordan
JP Japan
KE Kenya
KG Kyrgyzstan
KH Cambodia
KI Kiribati
KM Comoros
KN Saint Kitts and Nevis
KR Korea (South)
KW Kuwait
KY Cayman Islands
KZ Kazakhstan
LA Laos
LC Saint Lucia
LI Liechtenstein
LK Sri Lanka
LS Lesotho
LT Lithuania
LU Luxembourg
LV Latvia
LY Libya
MA Morocco
MC Monaco
MD Moldova
ME Montenegro
MG Madagascar
MH Marshall Islands
MK Macedonia
ML Mali
MM Myanmar
MN Mongolia
MO Macau
MP Northern Mariana Islands
MQ Martinique
MR Mauritania
MS Montserrat
MT Malta
MU Mauritius
MV Maldives
MW Malawi
MX Mexico
MY Malaysia
MZ Mozambique
NA Namibia
NC New Caledonia
NE Niger
NF Norfolk Island
NG Nigeria
NI Nicaragua
NL Netherlands
NO Norway
NP Nepal
NR Nauru
NT Neutral Zone
NU Niue
NZ New Zealand (Aotearoa)
OM Oman
PA Panama
PE Peru
PF French Polynesia
PG Papua New Guinea
PH Philippines
PK Pakistan
PL Poland
PM St. Pierre and Miquelon
PN Pitcairn
PR Puerto Rico
PS Palestinian Territory
PT Portugal
PW Palau
PY Paraguay
QA Qatar
RE Reunion
RO Romania
RS Serbia
RU Russian Federation
RW Rwanda
SA Saudi Arabia
SB Solomon Islands
SC Seychelles
SE Sweden
SG Singapore
SH St. Helena
SI Slovenia
SJ Svalbard and Jan Mayen Islands
SK Slovak Republic
SL Sierra Leone
SM San Marino
SN Senegal
SR Suriname
ST Sao Tome and Principe
SU USSR (former)
SV El Salvador
SZ Swaziland
TC Turks and Caicos Islands
TD Chad
TF French Southern Territories
TG Togo
TH Thailand
TJ Tajikistan
TK Tokelau
TM Turkmenistan
TN Tunisia
TO Tonga
TP East Timor
TR Turkey
TT Trinidad and Tobago
TV Tuvalu
TW Taiwan
TZ Tanzania
UA Ukraine
UG Uganda
UM US Minor Outlying Islands
US United States
UY Uruguay
UZ Uzbekistan
VA Vatican City State (Holy See)
VC Saint Vincent and the Grenadines
VE Venezuela
VG Virgin Islands (British)
VI Virgin Islands (U.S.)
VN Viet Nam
VU Vanuatu
WF Wallis and Futuna Islands
WS Samoa
YE Yemen
YT Mayotte
ZA South Africa
ZM Zambia
COM US Commercial
EDU US Educational
GOV US Government
INT International
MIL US Military
NET Network
ORG Non-Profit Organization
ARPA Old style Arpanet