Secure CWP Admin Panel Port 2031

Operating System : CentOS 7.3
CWP version: 0.9.8.346

I followed the tutorial http://wiki.centos-webpanel.com/hostname-ssl-with-letsencrypt
but it doesn't secure the 2031 port

The hostname domain got secured but it doesn't automatically secure the 2031 port and then redirect the 2030 port to 2031
How can I automatically secure my hostname:2031 port  with the auto ssl feature automatically?

Also how can I redirect the port 2030 to 2031

I was able to secure the Panel with /usr/local/cwpsrv/conf/cwpsrv.conf
and then replacing the contents of

ssl_certificate     /etc/pki/tls/certs/hostname.crt;
ssl_certificate_key /etc/pki/tls/private/hostname.key;

With the SSL , CA and Key

But how do I redirect from port 2030 too port 2031 and to https

Thank you

But how do I redirect from port 2030 too port 2031 and to https

You would need to add nginx redirect rules in file /usr/local/cwpsrv/conf/cwpsrv.conf
google that, it should be simple.

I was able to secure the Panel with /usr/local/cwpsrv/conf/cwpsrv.conf
and then replacing the contents of

ssl_certificate     /etc/pki/tls/certs/hostname.crt;
ssl_certificate_key /etc/pki/tls/private/hostname.key;

With the SSL , CA and Key

But how do I redirect from port 2030 too port 2031 and to https

Thank you

I already Try It But it doesn't secure the 2031 port...
Anyone Help ME?

If you have a domain.com which is assigned to your IP(DNS: A Record) you can use:
For CentOS 6:
http://forum.centos-webpanel.com/ssl/certbot-installation-and-requesting-certificate-(centos-6)/
For CentOS 7:
http://forum.centos-webpanel.com/ssl/certbot-installation-and-requesting-certificate-(centos-7)/
Create SSL Certificate and Key with one of this manuals and replace in /usr/local/cwpsrv/conf/cwpsrv.conf:

Code: [Select]

ssl_certificate     /etc/pki/tls/certs/hostname.crt;
ssl_certificate_key /etc/pki/tls/private/hostname.key;
with this:

Code: [Select]

ssl_certificate     /etc/letsencrypt/live/YOUR-DOMAIN.COM/fullchain.pem;;
ssl_certificate_key /etc/letsencrypt/live/YOUR-DOMAIN.COM/privkey.pem;
Once done, don`t forget to restart cwpsrv with:

Code: [Select]

service cwpsrv restart
You are done. Now navigate to https://YOUR-DOMAIN.COM:2031 and you are supposed to have a GREEN bar and secured site.
Something like this:

Have fun. Hope it helps.

Can I use any of my domains or does it have to be an unused domain?

I was able to secure the Panel with /usr/local/cwpsrv/conf/cwpsrv.conf
and then replacing the contents of

ssl_certificate     /etc/pki/tls/certs/hostname.crt;
ssl_certificate_key /etc/pki/tls/private/hostname.key;

With the SSL , CA and Key

But how do I redirect from port 2030 too port 2031 and to https

Thank you

Hi there,

server {
        listen       2030;
        listen       2086;
        server_name  localhost;
#add this line
return 301 https://$host:2031$request_uri;
in  /usr/local/cwpsrv/conf/cwpsrv.conf file and reboot nginx

Why not having adding the option to utilize (point to) the user certificate in the CWP Settings. And perhaps the option to redirect the ports accordingly? Perhaps a feature suggestion

So the panel for the admin(root) gets secured on the 2031/2087 ports with the root certificate but the user panel on port 2083 falls back to CWP certificate... not good. The certificate should be applicable globally to all users/ports on the CWpanel. How to sort this?

It be rather logic that once an own certificate is deployed on a domain that the certificate also automatically applies to all users/ports since CWP is part of the domain.

related to switching the certificates or an unrelated bug?

/admin/index.php?module=php_info

Warning: file_get_contents(): Peer certificate CN=`www.foo.bar' did not match expected CN=`x.x.x.x.x' in /usr/local/cwpsrv/htdocs/resources/admin/modules/php_info.php on line 0

Warning: file_get_contents(): Failed to enable crypto in /usr/local/cwpsrv/htdocs/resources/admin/modules/php_info.php on line 0

Warning: file_get_contents(http://x.x.x.x.x/phpinfo.php): failed to open stream: operation failed in /usr/local/cwpsrv/htdocs/resources/admin/modules/php_info.php on line 0

Hello i got the same probleme with some port. 


 openssl s_client -connect hostname:2031 -servername hostname

I got notice

If you have a domain.com which is assigned to your IP(DNS: A Record) you can use:
For CentOS 6:
http://forum.centos-webpanel.com/ssl/certbot-installation-and-requesting-certificate-(centos-6)/
For CentOS 7:
http://forum.centos-webpanel.com/ssl/certbot-installation-and-requesting-certificate-(centos-7)/
Create SSL Certificate and Key with one of this manuals and replace in /usr/local/cwpsrv/conf/cwpsrv.conf:

Code: [Select]

ssl_certificate     /etc/pki/tls/certs/hostname.crt;
ssl_certificate_key /etc/pki/tls/private/hostname.key;
with this:

Code: [Select]

ssl_certificate     /etc/letsencrypt/live/YOUR-DOMAIN.COM/fullchain.pem;;
ssl_certificate_key /etc/letsencrypt/live/YOUR-DOMAIN.COM/privkey.pem;
Once done, don`t forget to restart cwpsrv with:

Code: [Select]

service cwpsrv restart
You are done. Now navigate to https://YOUR-DOMAIN.COM:2031 and you are supposed to have a GREEN bar and secured site.
Something like this:

Have fun. Hope it helps.

This solved the problem, thanks.

What worked for me. My hostname is server.yourdomain.com.my

Create a subdomain - server.yourdomain.com.my
Make Sure sub-domain points to correct IP.

Get AutoSSL for this subdomain using CWP panel. Now go to the command prompt.


[root@server]# cd /etc/pki/tls/certs/
[root@server certs]# ll
-rw-r--r--  1 root root 3596 Nov 17 04:51 server.yourdomain.com.my.bundle
-rw-r--r--  1 root root 1948 Nov 17 04:51 server.yourdomain.com.my.cert
lrwxrwxrwx. 1 root root   31 Nov 15 15:15 server.yourdomain.com.my.crt -> /etc/pki/tls/certs/hostname.crt
[root@server certs]#rm server.yourdomain.com.my.crt
[root@server certs]#ln -s server.yourdomain.com.my.cert /etc/pki/tls/certs/hostname.crt

[root@server certs]# ls -l
total 72
-rw-r--r--  1 root root 3620 Nov 16 15:40 dwishaventures.com.my.bundle
-rw-r--r--  1 root root 1972 Nov 16 15:40 dwishaventures.com.my.cert
-rw-r--r--. 1 root root 1395 Nov 15 15:15 hostname.bundle
lrwxrwxrwx  1 root root   33 Nov 17 04:59 hostname.crt -> server.yourdomain.com.my.cert
-rw-r--r--  1 root root 3596 Nov 17 04:51 server.yourdomain.com.my.bundle
-rw-r--r--  1 root root 1948 Nov 17 04:51 server.yourdomain.com.my.cert
[root@server certs]#

What worked for me. My hostname is server.yourdomain.com.my

Create a subdomain - server.yourdomain.com.my
Make Sure sub-domain points to correct IP.

Get AutoSSL for this subdomain using CWP panel. Now go to the command prompt.


[root@server]# cd /etc/pki/tls/certs/
[root@server certs]# ll
-rw-r--r--  1 root root 3596 Nov 17 04:51 server.yourdomain.com.my.bundle
-rw-r--r--  1 root root 1948 Nov 17 04:51 server.yourdomain.com.my.cert
lrwxrwxrwx. 1 root root   31 Nov 15 15:15 server.yourdomain.com.my.crt -> /etc/pki/tls/certs/hostname.crt
[root@server certs]#rm server.yourdomain.com.my.crt
[root@server certs]#ln -s server.yourdomain.com.my.cert /etc/pki/tls/certs/hostname.crt

[root@server certs]# ls -l
total 72
-rw-r--r--  1 root root 3620 Nov 16 15:40 dwishaventures.com.my.bundle
-rw-r--r--  1 root root 1972 Nov 16 15:40 dwishaventures.com.my.cert
-rw-r--r--. 1 root root 1395 Nov 15 15:15 hostname.bundle
lrwxrwxrwx  1 root root   33 Nov 17 04:59 hostname.crt -> server.yourdomain.com.my.cert
-rw-r--r--  1 root root 3596 Nov 17 04:51 server.yourdomain.com.my.bundle
-rw-r--r--  1 root root 1948 Nov 17 04:51 server.yourdomain.com.my.cert
[root@server certs]#

I notice an issue with this

vi /etc/dovecot/dovecot.conf - update the cert file path there.