I'm not much of a Linux admin, so I'm looking for a little help before I break everything, and potentially destroy the universe.
I have UnrealIRCd 6.0.7 on CentOS 7, with DirectAdmin. I have a wildcard cert for the domain through Let's Encrypt.
All the reading I've done shows people using a .pem file - under DirectAdmin we don't get those.
I didn't want to install certbot, since I already have certs. Does that make sense?
I looked at the contents of the locally issued pem files, and they look just like my Let's Encrypt crt and key files.
I used /usr/local/directadmin/data/.lego/certificates/domain.org.crt and .key - these are working. At first it wouldn't rehash - directory and file permissions.
I changed the groups on the data and .lego subdirs from root:root to diradmin:diradmin and added +r on the cert files so unrealircd could read the files.
Now it rehashes fine, and I can connect with TLS. My main concern is that with the permission changes I may have made my server unsafe. I'm the only user on it, btw. Here's my listen block:
listen {
    ip xxx.xxx.xxx.xxx;
    port 6697;
    options { tls; }
    tls-options {
        certificate "/usr/local/directadmin/data/.lego/certificates/domain.org.crt";
        key "/usr/local/directadmin/data/.lego/certificates/domain.org.key";
    };
};
Thanks in advance!
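
The permission concern raised above can be checked directly. The script below is an added example, not part of the original post: it reports whether a private key is readable by every local account, which requires both the "other" read bit on the file and the "other" traverse bit on each parent directory. It assumes GNU `stat` and `readlink` (as shipped on CentOS 7); the function names and the script name are hypothetical.

```shell
#!/bin/sh
# Added example: audit who can reach a TLS private key on disk.
# Assumes GNU stat/readlink. Function names are hypothetical.

# Succeed if the "other" permission bits of path $1 include bit $2 (4 = read, 1 = traverse).
other_has() {
    local m
    m=$(stat -c '%a' -- "$1") || return 2
    # A leading 0 makes the shell read the mode as octal, e.g. 0644.
    [ $(( 0$m & $2 )) -ne 0 ]
}

# Succeed (exit 0) if any local account can read key file $1:
# the file is o+r AND every directory from its parent up to $2 (default /) is o+x.
world_readable_key() {
    local path dir stop
    path=$(readlink -f -- "$1") || return 2
    stop=$(readlink -f -- "${2:-/}") || return 2
    other_has "$path" 4 || return 1
    dir=$(dirname -- "$path")
    while :; do
        # One non-traversable ancestor is enough to block other accounts.
        other_has "$dir" 1 || return 1
        if [ "$dir" = "$stop" ] || [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname -- "$dir")
    done
    return 0
}

# Usage: sh keyperm.sh /path/to/domain.org.key
if [ "$#" -gt 0 ]; then
    detail=$(stat -c '%U:%G %a' -- "$1")
    if world_readable_key "$1"; then
        echo "EXPOSED: any local account can read $1 ($detail)"
    else
        echo "ok: $1 is not reachable by 'other' ($detail)"
    fi
fi
```

A key that stays at mode 600, owned by the account the IRC daemon runs as, passes this check without any change to the permissions of the directories above it.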