Note

You are viewing the documentation for an older release of Interworx (7.4). To see documentation for the current generally available release of Interworx, click here: 7.13.

Controller: /nodeworx/ssl

Required Permissions

SSL

Action: altName

Added in Version

6.3.4-1640

Description

Show ssl alt names an ssl certificate.

Input Parameters

Name

Type

Required?

Example Values

Default Values

Notes

service

string

Yes

SSL_Apache, SSL_IWorxWeb, SSL_Proftpd, SSL_Email_SMTP, SSL_Dovecot

Action: edit

Added in Version

4.7.0-339

Description

Edit an ssl certificate.

Input Parameters

Name

Type

Required?

Example Values

Default Values

Notes

service

string

Yes

SSL_Apache, SSL_IWorxWeb, SSL_Proftpd, SSL_Email_SMTP, SSL_Dovecot

key

string

No*

—–BEGIN RSA PRIVATE KEY—– MIIEpAIBAAKCAQEAv+qULlu4xtq4R/xSTBr28JX4jO6eHuw5YAevpZqm88+AvhC9 Y7RBnahd8dnWIxdz17PuTmkXQ/0FufwkhHPQu6GTZc/0wYrWzHvx6xImj2tJoRQN 9cQGfDPXBh5U2U5RFQ4Na1QHgu0cf50pIMnwlWzX3eaZkxoNwJ3pRQoWa9ndXZpx 924m02TVe5lVjIRzeqXoEZmNmhDbSi5jhVgsUPXexRRf+IguLJfkvpQBw0P/B+hb FmdO2t+qnXEx3hNlBPJ7MHbN4j2dyYV6gMSwX/N3+wh/aT8KXjbG35OmS6bUuVFZ xdcUZ7ohjIXgqbXjk++et+aQLoKfU/ouDawfOwIDAQABAoIBAQCobwqqPRnIfMFr fEoGPUwpDpZbqjjgTtZ0L4q6vyZzqNQG+84cKWHFKrV4w4Squ7SRxXsLGjSvGOvj tSWfkb3KTx58Jq1bB61JPiat9vocuT6fvmgaIHbInv7CgfBZ3+BNqE2iutb004FF hvtHqbQakLJMMEzsy9ryCCVo0FepQsEWmq4E1m/j3B7Am9YQh1ZYiqHoDod1Hd0x wZ8bowQiYIYvVMJE7RDB90ncHInqO6RjN9KeoEupKKjGFSzOdw+DJJCHw910DYN/ kRMyJyi1VUJUclsHtPwdAS0D+apIVz6v/sDQ2lE8xlPYRxqY0JUv71TdkKn+uuKo NYreNCbBAoGBAOdQHpsQdWTNLVEz/iN2XAqesfIRuH6YObLWaJ8c1nMNpltixm1T wdsUFcN7KtTcBiGsJPETVl68xspHI8AGlGWdndrFFLfEnLSDK/CmcsOxpwDHPIOa JEVf34Cbc21D0a2vnE3CBDEYvUYx59PHa0KsXNxxZVawO7vPUhTv7DwLAoGBANRm ErfYyhxI6EW1F8LXlSEfPpJjU0/0XdQO58Io0MVD0u7xNLj7EcRIjMJZQOVN+f8V J7xE8UqoY/GIGRvD6cowby5ziQQyf5g9NI7ZmzdWB+zUMOTg2GZ3x3g7/ucwiqRQ Hv1dXlJS7txf/V1GOV5PSHaAVx9Fn5q78X7e/3eRAoGAVj1my8VdH1Hn3WiXDb2p H0R/b5LvyDMU//o0U246/fZO2a9/727Uzcs1OgaHt4i4uIEn3MGq5/NV4kCXsZZC aYhUPCZSTRl+m0Z0cWp9SzzG2OFvTFmBwGO4Poi2hjxMxoa8rbjyOyPQHYWpuymU ce01SfL1J1bZTnJDVg8FcnUCgYBLV1XGbxjqRZZWu7ENBUm58QpSBPeVgfoScaMW BUJg5vkYluj7wNuBg7aibeSOMkW+jPOGXfI1aFvjXkKBzdHNTbbyhDsTCRKnnvZY wanETDkNcgtR9MvuNQjFhoqZ2Wckd+M2Pntpuk9OTqJiBrns0TTEDCxbRGgkDAzS 0ylNcQKBgQC+6fDYcFPe9laPQ/Kvvf36zwRdXMqBUS/3oTUyVwrVb1HjBjcTVRJs Q1ZEccou634ec5ei4NbXqB9fSf+43yP0YoRObMhGkaGh1xl5sPhyzpKGbta0+j+6 MmXl9sinwojZDk/Fjk4jYCYeBIu4Zj+P8Mj1RddKHvXU/AeGeUoxSQ== —–END RSA PRIVATE KEY—–

crt

string

No*

—–BEGIN CERTIFICATE—– MIID5jCCAs6gAwIBAgICeyMwDQYJKoZIhvcNAQELBQAwgacxCzAJBgNVBAYTAi0t MRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQK DBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxV bml0MRQwEgYDVQQDDAt0ZW1wLml3eC5pbzEfMB0GCSqGSIb3DQEJARYQcm9vdEB0 ZW1wLml3eC5pbzAeFw0yMTA3MjIxOTM3MTlaFw0yMjA3MjIxOTM3MTlaMIGnMQsw CQYDVQQGEwItLTESMBAGA1UECAwJU29tZVN0YXRlMREwDwYDVQQHDAhTb21lQ2l0 eTEZMBcGA1UECgwQU29tZU9yZ2FuaXphdGlvbjEfMB0GA1UECwwWU29tZU9yZ2Fu aXphdGlvbmFsVW5pdDEUMBIGA1UEAwwLdGVtcC5pd3guaW8xHzAdBgkqhkiG9w0B CQEWEHJvb3RAdGVtcC5pd3guaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC/6pQuW7jG2rhH/FJMGvbwlfiM7p4e7DlgB6+lmqbzz4C+EL1jtEGdqF3x 2dYjF3PXs+5OaRdD/QW5/CSEc9C7oZNlz/TBitbMe/HrEiaPa0mhFA31xAZ8M9cG HlTZTlEVDg1rVAeC7Rx/nSkgyfCVbNfd5pmTGg3AnelFChZr2d1dmnH3bibTZNV7 mVWMhHN6pegRmY2aENtKLmOFWCxQ9d7FFF/4iC4sl+S+lAHDQ/8H6FsWZ07a36qd cTHeE2UE8nswds3iPZ3JhXqAxLBf83f7CH9pPwpeNsbfk6ZLptS5UVnF1xRnuiGM heCpteOT75635pAugp9T+i4NrB87AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0P BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQAjvlNoeIo9B3dhPP4zUdpkpSkrF7Np crELPh3cp1qyLk5ONsuWCfoCejdQcP6JGKGb9r95aK5p+ELdKqdoHU9zHXouV1lv n6gKflm0QtuP4ybAmmjbwQ2gePUd7W+SrXQAJZKDWq7axycdNtRbZCGX3uIYgYqP UXwUnG3E/W/57YhfoxTQ3mDYaBlXXl2VJwnQlP27LRHbsSosw48yZqLvKuC4oFJ8 uOR5zTW+S3wgGhnbn2VkBnNfXcfkYjrMX7Hb4fzKm8kO2bFu/sYeYfSE6tz67wuv Fe73QR6ZNhOi+r3YMQVZpxuFeOOUim5gGnHcWRvqtnEsrZMwgwu1xSdS —–END CERTIFICATE—–

chain

string

No

ssl_ciphersuite

string

No

HIGH:MEDIUM:!EXPORT:!SSLv2:!ADH:!aNULL:!eNULL:!NULL:!LOW

This complex directive uses a colon-separated cipher-spec string consisting of OpenSSL cipher specifications to configure the Cipher Suite the client is permitted to negotiate in the SSL handshake phase.

restart_now

integer

No*

1, 0

0

Most services require a restart before a new SSL Certificate can be used. Selecting ‘YES’ will restart the service immediately and selecting ‘NO’ will restart the service within 5 minutes.

cascade_to_nodes

integer

No

1

Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually

* indicates that it’s actually required, but probably already has a valid default value.

Action: fail

Added in Version

n/a

Description

Magic function - test for failure mechanism.

Action: generate

Added in Version

4.7.0-339

Description

Generate a self-signed SSL cert.

Input Parameters

Name

Type

Required?

Example Values

Default Values

Notes

key_length

integer

No*

2048, 3072, 4096

2048

expiration_years

integer

No*

1

Specifies the number of years before the self-signed SSL certificate expires.

countryName

string

No*

US, CA, AF, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, …

US

Please enter the 2-letter country code corresponding to your country.

stateOrProvinceName

string

Yes

Please enter the name of the state or province in which you reside.

localityName

string

Yes

Please enter the name of the city in which you reside.

organizationName

string

Yes

Please enter the name of the company to which this certificate belongs.

organizationalUnitName

string

Yes

Please enter the name of the company division to which this certificate belongs.

commonName

string

Yes

Please select the domain name (common name) this certificate will use. If you do not see your desired domain, you will first need to add it as a pointerdomain or as a subdomain in SiteWorx.<br/><br/>Note that ‘www.domain.com’ is <strong>not</strong> the same as ‘domain.com’.<br/><br/>A wildcard domain begins with an asterisk, ‘*’, and is valid for all subdomains. For example, a Common Name of ‘*.domain.com’ would create a CSR that is valid for ‘domain.com’, ‘sub1.domain.com’, ‘sub2.domain.com’, and so on.

subjectAltName

struct (string)

No

List alternative domain names you wish to associate with this certificate.

emailAddress

string

Yes

Please enter the email address that is associated with this certificate.

email_ssl_cert

integer

No

1

If this option is selected, an e-mail address can be specified. After the certificate is generated, it will be sent to that address.

copy_to_email

string

No

apidocs@interworx.com

services

struct (string)

No

SSL_Apache, SSL_IWorxWeb, SSL_Proftpd, SSL_Email_SMTP, SSL_Dovecot

Select which services will have the SSL certificated automatically installed.

restart_now

integer

No

1, 0

0

Most services require a restart before a new SSL Certificate can be used. Selecting ‘YES’ will restart the service immediately and selecting ‘NO’ will restart the service within 5 minutes.

* indicates that it’s actually required, but probably already has a valid default value.

Action: listSslCerts

Added in Version

4.8.0-393

Description

List installed server SSL Certificates.

Sample Output

array (
  'status' => 0,
  'payload' =>
  array (
    0 =>
    array (
      'shortname' => 'SSL_Apache',
      'name' => 'Web-Server Default SSL',
      'domain' => 'temp.iwx.io',
      'alt_name' => NULL,
      'is_expired' => false,
      'nearly_expired' => false,
      'expires' => 1658518639,
      'issuer' => 'SomeOrganization',
    ),
    1 =>
    array (
      'shortname' => 'SSL_IWorxWeb',
      'name' => 'InterWorx-SSL',
      'domain' => 'default-ssl.interworx.com',
      'alt_name' => NULL,
      'is_expired' => false,
      'nearly_expired' => false,
      'expires' => 1673627390,
      'issuer' => 'INTERWORX LLC',
    ),
    2 =>
    array (
      'shortname' => 'SSL_Proftpd',
      'name' => 'FTP Server',
      'domain' => 'localhost.localdomain',
      'alt_name' => NULL,
      'is_expired' => false,
      'nearly_expired' => false,
      'expires' => 1658518794,
      'issuer' => 'SomeOrganization',
    ),
  ),
)

Action: queryEdit

Added in Version

5.1.0-838

Description

Displays the information available to the action “edit”.

Input Parameters

Name

Type

Required?

Example Values

Default Values

Notes

service

string

Yes

SSL_Apache, SSL_IWorxWeb, SSL_Proftpd, SSL_Email_SMTP, SSL_Dovecot

Sample Output

array (
  'status' => 0,
  'payload' =>
  array (
    'key' => '-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAv+qULlu4xtq4R/xSTBr28JX4jO6eHuw5YAevpZqm88+AvhC9
Y7RBnahd8dnWIxdz17PuTmkXQ/0FufwkhHPQu6GTZc/0wYrWzHvx6xImj2tJoRQN
9cQGfDPXBh5U2U5RFQ4Na1QHgu0cf50pIMnwlWzX3eaZkxoNwJ3pRQoWa9ndXZpx
924m02TVe5lVjIRzeqXoEZmNmhDbSi5jhVgsUPXexRRf+IguLJfkvpQBw0P/B+hb
FmdO2t+qnXEx3hNlBPJ7MHbN4j2dyYV6gMSwX/N3+wh/aT8KXjbG35OmS6bUuVFZ
xdcUZ7ohjIXgqbXjk++et+aQLoKfU/ouDawfOwIDAQABAoIBAQCobwqqPRnIfMFr
fEoGPUwpDpZbqjjgTtZ0L4q6vyZzqNQG+84cKWHFKrV4w4Squ7SRxXsLGjSvGOvj
tSWfkb3KTx58Jq1bB61JPiat9vocuT6fvmgaIHbInv7CgfBZ3+BNqE2iutb004FF
hvtHqbQakLJMMEzsy9ryCCVo0FepQsEWmq4E1m/j3B7Am9YQh1ZYiqHoDod1Hd0x
wZ8bowQiYIYvVMJE7RDB90ncHInqO6RjN9KeoEupKKjGFSzOdw+DJJCHw910DYN/
kRMyJyi1VUJUclsHtPwdAS0D+apIVz6v/sDQ2lE8xlPYRxqY0JUv71TdkKn+uuKo
NYreNCbBAoGBAOdQHpsQdWTNLVEz/iN2XAqesfIRuH6YObLWaJ8c1nMNpltixm1T
wdsUFcN7KtTcBiGsJPETVl68xspHI8AGlGWdndrFFLfEnLSDK/CmcsOxpwDHPIOa
JEVf34Cbc21D0a2vnE3CBDEYvUYx59PHa0KsXNxxZVawO7vPUhTv7DwLAoGBANRm
ErfYyhxI6EW1F8LXlSEfPpJjU0/0XdQO58Io0MVD0u7xNLj7EcRIjMJZQOVN+f8V
J7xE8UqoY/GIGRvD6cowby5ziQQyf5g9NI7ZmzdWB+zUMOTg2GZ3x3g7/ucwiqRQ
Hv1dXlJS7txf/V1GOV5PSHaAVx9Fn5q78X7e/3eRAoGAVj1my8VdH1Hn3WiXDb2p
H0R/b5LvyDMU//o0U246/fZO2a9/727Uzcs1OgaHt4i4uIEn3MGq5/NV4kCXsZZC
aYhUPCZSTRl+m0Z0cWp9SzzG2OFvTFmBwGO4Poi2hjxMxoa8rbjyOyPQHYWpuymU
ce01SfL1J1bZTnJDVg8FcnUCgYBLV1XGbxjqRZZWu7ENBUm58QpSBPeVgfoScaMW
BUJg5vkYluj7wNuBg7aibeSOMkW+jPOGXfI1aFvjXkKBzdHNTbbyhDsTCRKnnvZY
wanETDkNcgtR9MvuNQjFhoqZ2Wckd+M2Pntpuk9OTqJiBrns0TTEDCxbRGgkDAzS
0ylNcQKBgQC+6fDYcFPe9laPQ/Kvvf36zwRdXMqBUS/3oTUyVwrVb1HjBjcTVRJs
Q1ZEccou634ec5ei4NbXqB9fSf+43yP0YoRObMhGkaGh1xl5sPhyzpKGbta0+j+6
MmXl9sinwojZDk/Fjk4jYCYeBIu4Zj+P8Mj1RddKHvXU/AeGeUoxSQ==
-----END RSA PRIVATE KEY-----',
    'crt' => '-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgICeyMwDQYJKoZIhvcNAQELBQAwgacxCzAJBgNVBAYTAi0t
MRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQK
DBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxV
bml0MRQwEgYDVQQDDAt0ZW1wLml3eC5pbzEfMB0GCSqGSIb3DQEJARYQcm9vdEB0
ZW1wLml3eC5pbzAeFw0yMTA3MjIxOTM3MTlaFw0yMjA3MjIxOTM3MTlaMIGnMQsw
CQYDVQQGEwItLTESMBAGA1UECAwJU29tZVN0YXRlMREwDwYDVQQHDAhTb21lQ2l0
eTEZMBcGA1UECgwQU29tZU9yZ2FuaXphdGlvbjEfMB0GA1UECwwWU29tZU9yZ2Fu
aXphdGlvbmFsVW5pdDEUMBIGA1UEAwwLdGVtcC5pd3guaW8xHzAdBgkqhkiG9w0B
CQEWEHJvb3RAdGVtcC5pd3guaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/6pQuW7jG2rhH/FJMGvbwlfiM7p4e7DlgB6+lmqbzz4C+EL1jtEGdqF3x
2dYjF3PXs+5OaRdD/QW5/CSEc9C7oZNlz/TBitbMe/HrEiaPa0mhFA31xAZ8M9cG
HlTZTlEVDg1rVAeC7Rx/nSkgyfCVbNfd5pmTGg3AnelFChZr2d1dmnH3bibTZNV7
mVWMhHN6pegRmY2aENtKLmOFWCxQ9d7FFF/4iC4sl+S+lAHDQ/8H6FsWZ07a36qd
cTHeE2UE8nswds3iPZ3JhXqAxLBf83f7CH9pPwpeNsbfk6ZLptS5UVnF1xRnuiGM
heCpteOT75635pAugp9T+i4NrB87AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0P
BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQAjvlNoeIo9B3dhPP4zUdpkpSkrF7Np
crELPh3cp1qyLk5ONsuWCfoCejdQcP6JGKGb9r95aK5p+ELdKqdoHU9zHXouV1lv
n6gKflm0QtuP4ybAmmjbwQ2gePUd7W+SrXQAJZKDWq7axycdNtRbZCGX3uIYgYqP
UXwUnG3E/W/57YhfoxTQ3mDYaBlXXl2VJwnQlP27LRHbsSosw48yZqLvKuC4oFJ8
uOR5zTW+S3wgGhnbn2VkBnNfXcfkYjrMX7Hb4fzKm8kO2bFu/sYeYfSE6tz67wuv
Fe73QR6ZNhOi+r3YMQVZpxuFeOOUim5gGnHcWRvqtnEsrZMwgwu1xSdS
-----END CERTIFICATE-----',
    'chain' => '',
    'ssl_ciphersuite' => 'HIGH:MEDIUM:!EXPORT:!SSLv2:!ADH:!aNULL:!eNULL:!NULL:!LOW',
    'restart_now' => '0',
    'service' => 'SSL_Apache',
  ),
)

Action: reroute

Added in Version

n/a

Description

Action to re-route from the current controller to a different one.

Input Parameters

Name

Type

Required?

Example Values

Default Values

Notes

controller

string

Yes

Index, Overview, Users, Lang, Apikey, Plugins, Twofactorauth, Notice, Siteworx, Shell, Packages, Backup, Import, Softaculous, Reseller, ResellerPackages, ResellerBandwidthhistory, Http, Ftp, Sshd, MailMta, MailSmtp, MailSmtp2, MailSend, MailMda, MailMsa, MailDovecot, MailSpam, MailVirus, MailMailman, MailQueue, Mysql, MysqlRemote, MysqlPhpmyadmin, Dns, DnsZone, DnsRecord, DnsSync, Nfs, NfsExport, NfsMount, Health, Cron, Firewall, Ssl, Logs, Settings, Updates, Rrd, Ip, …

Action: syncLetsEncrypt

Added in Version

5.1.6-1056

Description

Syncs LetsEncrypt certs across cluster.

Action: updateall

Added in Version

4.7.0-339

Description

Update all services to use the same SSL cert.

Input Parameters

Name

Type

Required?

Example Values

Default Values

Notes

cert_source

string

No

direct, domain, le

direct

When installing service default SSL certificates, you can choose to install the the certificate files directly, or use the certificate files already installed on a domain in SiteWorx.

key

string

No

crt

string

No

chain

string

No

domain

integer

No

le_domain

string

No

apidocs.interworx.com

A domain not used in a SiteWorx account that resolves to the server. - Domain doesn’t resolve to this server or belongs to a SiteWorx account.

le_email

string

No

apidocs@interworx.com

Please enter the email address that is associated with this certificate. - Used for urgent notices and lost key recovery.

le_mode

string

No

staging, live

live

“Live” mode will generate a real LetsEncrypt signed certificate. “Staging” mode will generate a fake certificate that should only be used for testing purposes.

services

struct (string)

No*

SSL_Apache, SSL_IWorxWeb, SSL_Proftpd, SSL_Email_SMTP, SSL_Dovecot

[“SSL_Apache”,”SSL_IWorxWeb”,”SSL_Proftpd”,”SSL_Email_SMTP”,”SSL_Dovecot”]

Select which services will have the SSL certificated automatically installed.

restart_now

integer

No

1, 0

0

Most services require a restart before a new SSL Certificate can be used. Selecting ‘YES’ will restart the service immediately and selecting ‘NO’ will restart the service within 5 minutes.

cascade_to_nodes

integer

No

1

Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually

* indicates that it’s actually required, but probably already has a valid default value.

Action: view

Added in Version

4.7.0-339

Description

View a given ssl cert, and any related information.

Input Parameters

Name

Type

Required?

Example Values

Default Values

Notes

service

string

Yes

SSL_Apache, SSL_IWorxWeb, SSL_Proftpd, SSL_Email_SMTP, SSL_Dovecot

Action: win

Added in Version

n/a

Description

Magic function - test for testing success mechanism.