DirectAdmin Knowledge Base and Support

DirectAdmin is a web panel for a simple administration of both virtual and dedicated servers. DirectAdmin is faster, safe and more powerful than any other CP. And we know how to customize and support it.

NGINX 1.13.0 with TLSv1.3 on Directadmin Server

| 12:23:48 18.05.2017

NGINX 1.13.0 mainline version has been released on 2017-04-25 with a support of TLSv1.3. And while we are waiting for an official release of OpenSSL 1.1.1 we describe here on how to get it working on Directadmin server with custombuild 2.0.

NGINX (reverse proxy) with TLSv1.3

First we need to install additional script which will allow to install nginx mainline version on Linux server with DA:

cd /usr/local/directadmin/custombuild/
wget https://raw.githubusercontent.com/poralix/directadmin-utils/master/nginx/build_nginx -O ./build_nginx
chmod 755 ./build_nginx
./build_nginx versions

Install custom version of configure script for NGINX to get it compiled against OpenSSL 1.1.1:

cd /usr/local/directadmin/custombuild/
mkdir -p custom/nginx_reverse/
cp -p custom/nginx_reverse/configure.nginx custom/nginx_reverse/configure.nginx~bak
wget https://raw.githubusercontent.com/poralix/directadmin-utils/master/nginx/nginx_reverse/configure.nginx~openssl-1.1.1 -O custom/nginx_reverse/configure.nginx
chmod 755 custom/nginx_reverse/configure.nginx

Install custom version of nginx-defaults.conf for NGINX to get TLSv1.3 enabled:

cd /usr/local/directadmin/custombuild/
mkdir -p custom/nginx_reverse/conf/
cp -p custom/nginx_reverse/conf/nginx-defaults.conf custom/nginx_reverse/conf/nginx-defaults.conf~bak
wget https://raw.githubusercontent.com/poralix/directadmin-utils/master/nginx/nginx_reverse/conf/nginx-defaults.conf~TLSv1.3 -O custom/nginx_reverse/conf/nginx-defaults.conf

Rebuild NGINX

cd /usr/local/directadmin/custombuild/
./build update
./build_nginx install
./build rewrite_confs

Check results

# nginx -V
nginx version: nginx/1.13.0
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC)
built with OpenSSL 1.1.1-dev  xx XXX xxxx
TLS SNI support enabled


That's it

Tags: nginx custombuild 2 Security nginx_apache nginx_mainline SSL 
←  Teaching SpamAssassin on Directadmin servers using sa-learn  | Start |  Let's Encrypt script with re-tries on challenge verifications  →
About Us
We are a team of professionals, and specialize in installation, configuring and managing of remote virtual and dedicated servers powered by Linux/Unix-like OS with DirectAdmin. We support various sets of software, including web-servers Apache, Nginx; internet domain name servers Bind, PowerDNS; mail-servers with POP3, IMAP and SMTP, FTP-servers, etc. After years of working through the most complex server challenges our team has gathered valuable experience and universal solutions suitable for everyday tasks. We are here to lend you a helping hand and take care of your servers in order to let you have enough time to do more of what you love.




SEE HOW WE CAN HELP!
All of the information and data on this site is for informational purposes only and is provided for the convenience of the user.
Powered by: Amiro.CMS - Free edition