Archive for the tag 'main'

Choosing which main PHP version to build

Though it is possible to enable both PHP 4 and PHP 5, Cpanel recommend only enabling one version of PHP. This is because when only one version is installed, the binaries are configured in such a way to mirror EasyApache’s installation, simplifying configuration and management.

A CGI binary is installed in /usr/bin/php.
A CLI binary is installed in /usr/local/bin/php

.

When both PHP 4 and PHP 5 are enabled, PHP 5 is installed in the standard locations, listed above, while:

A CGI binary for PHP 4 is installed in /usr/php4/bin/php.
A CLI binary for PHP 4 is installed in /usr/local/php4/bin/php.

Pls Note: PHP 4 is no longer supported by its developers. WCpanel strongly recommend you use PHP 5.

SSL on the server’s main domain with DirectAdmin

If an Admin wishes to add an SSL certificate on the main server’s domain, they must do it manually. To do this, the Admin must obtain the certificate and key (explained in just a moment). After these have been acquired, the Admin will have to edit /etc/httpd/conf/httpd.conf file and scroll to the very bottom. You should see 2 virtual host directives. With the one that says <VirtualHost :443> you must modify the SSL tags.

Set:

SSLCertificateFile [full path to certificate]
SSLCertificateKeyFile [full path to key]
and if provided with a CA certificate file ADD the following line
SSLCACertificateFile [full path to CA certificate]

You have a few options when it comes to obtaining the key and certificate. First you can create you own self signed certificate. You can do this by typing the following:

openssl req -new -x509 -days 365 -keyout key.temp -out certificate
openssl rsa -in key.temp -out key.real

The second line is to remove the password from the key so that apache won’t hang on bootup waiting for the key password. Those commands will create a self signed certificate (remove the key.temp file after you’re done) but if you want to use an authority to sign your certificate (removes the annoying popup), you’ll need to create a certificate request:

openssl genrsa 1024 > key.real
openssl req -new -key key.real -out certificate.request

and you send the certificate.request file to to certificate authority to be signed. They will send you a signed certificate which you will install using the apache tags noted above (and you can delete the certificate.request file, it’s not needed).

Source and Credit - http://www.directadmin.com