SSL Configuration
EasyDCIM platform can operate based either on a domain or an IP address. If you are using a domain, you can configure hosts to use the appropriate SSL certificate.
Default SSL Certificate
A self-signed SSL certificate is automatically generated during the EasyDCIM installation. If you need to regenerate this certificate and update the default Apache host, run:
bash /opt/easydcim/scripts/ssl/generate.sh
After completing the SSL regeneration process, update the Site Base URL from the command line:
php /opt/easydcim/artisan settings:change "common.url.default" "https://EASYDCIM-IP"
This ensures that the platform uses the correct HTTPS URL.
Free Let’s Encrypt certificate
In order to install a free SSL certificate, please log in to the SSH server in EasyDCIM and run these commands:
sudo apt update && sudo apt install -y snapd && sudo snap install core && sudo snap refresh core && sudo snap install --classic certbot && sudo ln -sf /snap/bin/certbot /usr/bin/certbot && sudo certbot --apache
In the final step, you need to provide an email address along with the domain name that you want to use. Then, select the virtual host for which the SSL configuration will be created. In most cases, this will be 000-default.conf, but depending on your server setup, it may also be a different host configuration file.
Automatic SSL Renewal
EasyDCIM includes a built-in script that automatically renews Let’s Encrypt SSL certificates using the system Certbot installation. The script is located at:
/opt/easydcim/scripts/letsencrypt/renew.sh
What the script does
- Stops Apache temporarily to free port 80
- Runs
certbot renewand captures full output (stdout + stderr) - Restarts Apache after renewal
- Logs every step of the process, including Certbot responses
All renewal details are stored in:
/opt/easydcim/storage/logs/ssl_renew.log
Add the following entry to /etc/crontab::
0 3 * * * root /opt/easydcim/scripts/letsencrypt/renew.sh
This ensures your SSL certificate stays valid without manual action.
Paid SSL certificate
To install a paid SSL certificate, go to the directory /etc/apache2/sites-available and create a file default-ssl.conf. The content of this file should look as follows:
default-ssl.conf
The file needs to be modified by setting such variables as:
- ServerName - a domain name
- SSLCertificateFile, SSLCertificateKeyFile - location of the certificate files
Next, you have to run the following commands from the command line:
sudo a2enmod ssl
sudo a2ensite default-ssl.conf
sudo /etc/init.d/apache2 restartDomain configuration in EasyDCIM
Once your domain is correctly configured, proceed to the main system settings and fill in these fields accordingly:
- Site Base URL - URL in format: http://domain.com or https://www.domain.com. If you are using SSL, all SSL requests will be forced to use it.
IMPORTANT! Please make sure that the domain is configured correctly before entering the above data. If the domain does not respond properly, then access to the backend section may be temporarily lost. Keep in mind that EasyDCIM cannot operate within a domain and an IP address at the same time. If you changed the domain configuration in EasyDCIM, you have to navigate to the EasyDCIM - Complete Solution For Data Center Management page and then run the License Reissue action in the client area.
A domain can be configured directly from the command line. If you wish to change a domain from the command line, log in to SSH and run the commands below:
php /opt/easydcim/artisan settings:change "common.url.default" "https://domain.com"If you want to reset the domain settings because your domain is not working properly or wrong data have been provided, you can run these commands:
php /opt/easydcim/artisan settings:change "common.url.default" ""Once the domain values are reset, you will be able to log in to the backend section using the server’s parent IP address.
