https://www.howtoforge.com/tutorial/perfect-server-centos-8-apache-mysql-php-pureftpd-postfix-dovecot-and-ispconfig/
Minimum 8GB RAM
CPU 4
# hostnamectl set-hostname ispconfig
# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost
192.168.199.60 ispconfig
# sudo dnf install -y iproute-tc
# iptables -L
# yum -y install vim tar w!get nano epel-release nmap git
–> Install apt-get
# curl https://raw.githubusercontent.com/dvershinin/apt-get-centos/master/apt-get.sh -o /usr/local/bin/apt-get
# chmod 0755 /usr/local/bin/apt-get
# systemctl disable firewalld
# vi /etc/selinux/config
SELINUX=disabled
# reboot
================================== ISPconfig ========================================
4. Enable Additional Repositories and Install Some Software
rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY*
dnf -y install epel-release
dnf config-manager –set-enabled powertools
dnf -y update
dnf -y groupinstall ‘Development Tools’
5 Quota
# dnf -y install quota
# mount | grep ‘ / ‘
# mount | grep ‘ /var ‘
–> Enabling quota on the / (root) partition
N.B. Search for the line that starts with GRUB_CMDLINE_LINUX and add rootflags=uquota,gquota
# nano /etc/default/grub
GRUB_CMDLINE_LINUX=”crashkernel=auto resume=/dev/mapper/cl-swap rd.lvm.lv=cl/root rd.lvm.lv=cl/swap rootflags=uquota,gquota”
# cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg_bak
grub2-mkconfig -o /boot/grub2/grub.cfg
# reboot
# mount | grep ‘ / ‘
6. Install Apache, PHP, MySQL and phpMyAdmin
dnf install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf -y install yum-utils
dnf -y module reset php
dnf -y module install php:remi-7.4
dnf update
# dnf -y install httpd mod_ssl mariadb-server php php-mysqlnd php-mbstring
# echo “RequestHeader unset Proxy early” >> /etc/httpd/conf/httpd.conf
# service httpd restart
–> Install phpMyAdmin:
cd /tmp
w!get https://files.phpmyadmin.net/phpMyAdmin/5.0.2/phpMyAdmin-5.0.2-all-languages.tar.gz
tar xzvf phpMyAdmin-5.0.2-all-languages.tar.gz
mkdir /usr/share/phpmyadmin
mv phpMyAdmin-5.0.2-all-languages/* /usr/share/phpmyadmin/
mkdir /usr/share/phpmyadmin/tmp
chown -R apache:apache /usr/share/phpmyadmin
chmod 777 /usr/share/phpmyadmin/tmp
# nano /etc/httpd/conf.modules.d/00-mpm.conf
–> Add a # in front of the MPM event line so it looks like this:
# LoadModule mpm_event_module modules/mod_mpm_event.so
–> Then remove the # in from of the MPM Prefork line, so it looks like this:
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
# service httpd restart
7. Install Dovecot
# dnf -y install dovecot dovecot-mysql dovecot-pigeonhole
touch /etc/dovecot/dovecot-sql.conf
ln -s /etc/dovecot/dovecot-sql.conf /etc/dovecot-sql.conf
ln -s /etc/dovecot/dovecot.conf /etc/dovecot.conf
systemctl enable dovecot
systemctl start dovecot
8. Install Postfix
# dnf -y install postfix postfix-mysql
# nano /etc/postfix/master.cf
N.B. Uncomment the submission and smtps sections as follows and add lines where necessary so that this section of the master.cf file looks exactly like the one below.
submission inet n – n – – smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
smtps inet n – n – – smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
systemctl enable mariadb.service
systemctl start mariadb.service
systemctl enable postfix.service
systemctl restart postfix.service
# update-crypto-policies –set LEGACY
9. Install Getmail
dnf install python2
cd /tmp
w!get http://pyropus.ca/software/getmail/old-versions/getmail-5.14.tar.gz
tar xvfz getmail-5.14.tar.gz
cd getmail-5.14
python2 setup.py build
python2 setup.py install
10. Set MySQL Passwords and Configure phpMyAdmin
# mysql_secure_installation
Set root password? [Y/n] <– ENTER
New password: zareef@123
Re-enter new password: zareef@123
Remove anonymous users? [Y/n] <– ENTER
Disallow root login remotely? [Y/n] <– ENTER
Remove test database and access to it? [Y/n] <– ENTER
Reload privilege tables now? [Y/n] <– ENTER
# nano /etc/httpd/conf.d/phpmyadmin.conf
–> Add this content to the file:
# phpMyAdmin – Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
Alias /phpMyAdmin /usr/share/phpmyadmin
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin/>
<IfModule mod_authz_core.c>
# Apache 2.4
# <RequireAny>
# Require ip 127.0.0.1
# Require ip ::1
# </RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
# cp -pf /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php
# nano /usr/share/phpmyadmin/config.inc.php
/* Authentication type */
$cfg[‘Servers’][$i][‘auth_type’] = ‘http’;
systemctl enable httpd
systemctl restart httpd
–> Now you can direct your browser to http://192.168.0.100/phpmyadmin/
User Nmae: root
password : zareef@123
11. Install Amavisd-new, SpamAssassin, ClamAV, and Postgrey
# dnf -y install amavisd-new spamassassin clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd unzip bzip2 perl-DBD-mysql postgrey re2c
sa-update
freshclam
systemctl enable amavisd.service
systemctl start amavisd.service
systemctl start clamd@amavisd.service
systemctl enable postgrey.service
systemctl start postgrey.service
# nano /etc/sysconfig/postgrey
change the line:
POSTGREY_TYPE=”–unix=/var/spool/postfix/postgrey/socket”
to
POSTGREY_TYPE=”–inet=10023″
# service postgrey restart
# nano /etc/clamd.d/amavisd.conf
change the line:
LocalSocket /run/clamd.amavisd/clamd.sock
to
LocalSocket /var/spool/amavisd/clamd.sock
# systemctl restart clamd@amavisd.service
# nano /usr/lib/systemd/system/freshclam.service
[Unit]
Description = ClamAV Scanner
After = network.target
[Service]
Type = forking
# if you want to scan more than one in a day change the number 1 with your desired number in below line.
ExecStart = /usr/bin/freshclam -d -c 1
Restart = on-failure
PrivateTmp =true
[Install]
WantedBy=multi-user.target
systemctl enable freshclam.service
systemctl start freshclam.service
systemctl status freshclam.service
12. Installing Apache with mod_php, mod_fcgi/PHP, PHP-FPM
# dnf -y install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-pecl-apc php-mbstring php-mcrypt php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel mod_fcgid php-cli httpd-devel php-fpm php-intl php-imagick php-pspell w!get
# nano /etc/php.ini
–> change the error reporting
–> set the timezone and
–> uncomment cgi.fix_pathinfo=1:
[…]
;error_reporting = E_ALL & ~E_DEPRECATED
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT
[…]
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP’s
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is. For more information on PAppp.tldTH_INFO, see the cgi specs. Setting
; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting
; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
; http://www.php.net/manual/en/ini.core.php#ini.cgi.fix-pathinfo
cgi.fix_pathinfo=1
[…]
date.timezone = ‘Europe/Berlin’
[…]
systemctl start php-fpm.service
systemctl enable php-fpm.service
systemctl enable httpd.service
# systemctl restart httpd.service
# curl https://get.acme.sh | sh -s
13. Installation of mod_python
# dnf -y install python3-devel
cd /usr/local/src/
w!get http://dist.modpython.org/dist/mod_python-3.5.0.tgz
tar xfz mod_python-3.5.0.tgz
cd mod_python-3.5.0
# ./configure –with-python=/usr/bin/python3
# make
# sed -e ‘s/(git describe –always)/(git describe –always 2>\/dev\/null)/g’ -e ‘s/`git describe –always`/`git describe –always 2>\/dev\/null`/g’ -i $( find . -type f -name Makefile\* -o -name version.sh )
# make install
# echo ‘LoadModule python_module modules/mod_python.so’ > /etc/httpd/conf.modules.d/10-python.conf
# systemctl restart httpd.service
14. Install PureFTPd
dnf -y install pure-ftpd
systemctl enable pure-ftpd.service
systemctl start pure-ftpd.service
# dnf install openssl
# nano /etc/pure-ftpd/pure-ftpd.conf
N.B. If you want to allow FTP and TLS sessions, set TLS to 1 by removing the # in front of the TLS line.
[…]
# This option can accept three values :
# 0 : disable SSL/TLS encryption layer (default).
# 1 : accept both traditional and encrypted sessions.
# 2 : refuse connections that don’t use SSL/TLS security mechanisms,
# including anonymous sessions.
# Do _not_ uncomment this blindly. Be sure that :
# 1) Your server has been compiled with SSL/TLS support (–with-tls),
# 2) A valid certificate is in place,
# 3) Only compatible clients will log in.
TLS 1
[…]
# mkdir -p /etc/ssl/private/
# openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
Country Name (2 letter code) [XX]: <– Enter your Country Name (e.g., “DE”).
State or Province Name (full name) []: <– Enter your State or Province Name.
Locality Name (eg, city) [Default City]: <– Enter your City.
Organization Name (eg, company) [Default Company Ltd]: <– Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []: <– Enter your Organizational Unit Name (e.g. “IT Department”).
Common Name (eg, your name or your server’s hostname) []: <– Enter the Fully Qualified Domain Name of the system (e.g. “server1.example.com”).
Email Address []: <– Enter your Email Address.
# chmod 600 /etc/ssl/private/pure-ftpd.pem
# openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048
# systemctl restart pure-ftpd.service
***********************************15. Install BIND***************************************
# dnf -y install bind bind-utils haveged
# cp /etc/named.conf /etc/named.conf_bak
# cat /dev/null > /etc/named.conf
# nano /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
memstatistics-file “/var/named/data/named_mem_stats.txt”;
allow-query { any; };
allow-recursion {“none”;};
recursion no;
};
logging {
channel default_debug {
file “data/named.run”;
severity dynamic;
};
};
zone “.” IN {
type hint;
file “named.ca”;
};
include “/etc/named.conf.local”;
# touch /etc/named.conf.local
systemctl enable named.service
systemctl start named.service
systemctl enable haveged.service
systemctl start haveged.service
************************************ 16. Install AWStats ******************************
# dnf -y install awstats perl-DateTime-Format-HTTP perl-DateTime-Format-Builder
************************************ 17 Install Jailkit *******************************
ln -s /usr/bin/python2 /usr/bin/python
cd /tmp
w!get http://olivier.sessink.nl/jailkit/jailkit-2.21.tar.gz
tar xvfz jailkit-2.21.tar.gz
cd jailkit-2.21
./configure
make
make install
cd ..
rm -rf jailkit-2.21*
************************************* 18. Install Fail2Ban ******************************
dnf -y install iptables-services fail2ban fail2ban-systemd
systemctl stop firewalld.service
systemctl mask firewalld.service
systemctl disable firewalld.service
# nano /etc/fail2ban/jail.local
[sshd]
enabled = true
action = iptables[name=sshd, port=ssh, protocol=tcp]
[pure-ftpd]
enabled = true
action = iptables[name=FTP, port=ftp, protocol=tcp]
maxretry = 3
[dovecot]
enabled = true
action = iptables-multiport[name=dovecot, port=”pop3,pop3s,imap,imaps”, protocol=tcp]
maxretry = 5
[postfix-sasl]
enabled = true
action = iptables-multiport[name=postfix-sasl, port=”smtp,smtps,submission”, protocol=tcp]
maxretry = 3
systemctl enable fail2ban.service
systemctl start fail2ban.service
************************************ 19. Install rkhunter **********************************
dnf -y install rkhunter
************************************ 20. Install Mailman **********************************
# dnf -y install mailman
touch /var/lib/mailman/data/aliases
postmap /var/lib/mailman/data/aliases
/usr/lib/mailman/bin/newlist mailman
ln -s /usr/lib/mailman/mail/mailman /usr/bin/mailman
# /usr/lib/mailman/bin/newlist mailman
Enter the email of the person running the list: 007zafar@gmail.com
Initial mailman password: zareef@gmail.com
Hit enter to notify mailman owner… <– ENTER
# nano /etc/aliases
N.B. … and add the following lines:
[…]
mailman: “|/usr/lib/mailman/mail/mailman post mailman”
mailman-admin: “|/usr/lib/mailman/mail/mailman admin mailman”
mailman-bounces: “|/usr/lib/mailman/mail/mailman bounces mailman”
mailman-confirm: “|/usr/lib/mailman/mail/mailman confirm mailman”
mailman-join: “|/usr/lib/mailman/mail/mailman join mailman”
mailman-leave: “|/usr/lib/mailman/mail/mailman leave mailman”
mailman-owner: “|/usr/lib/mailman/mail/mailman owner mailman”
mailman-request: “|/usr/lib/mailman/mail/mailman request mailman”
mailman-subscribe: “|/usr/lib/mailman/mail/mailman subscribe mailman”
mailman-unsubscribe: “|/usr/lib/mailman/mail/mailman unsubscribe mailman”
# newaliases
# systemctl restart postfix.service
# nano /etc/httpd/conf.d/mailman.conf
N.B.
–> .. and add the line ScriptAlias /cgi-bin/mailman/ /usr/lib/mailman/cgi-bin/
–> Comment out Alias /pipermail/ /var/lib/mailman/archives/public/ and
–> add the line Alias /pipermail /var/lib/mailman/archives/public/
#
# httpd configuration settings for use with mailman.
#
ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
ScriptAlias /cgi-bin/mailman/ /usr/lib/mailman/cgi-bin/
<Directory /usr/lib/mailman/cgi-bin/>
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
#Alias /pipermail/ /var/lib/mailman/archives/public/
Alias /pipermail /var/lib/mailman/archives/public/
<Directory /var/lib/mailman/archives/public>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AddDefaultCharset Off
</Directory>
# Uncomment the following line, to redirect queries to /mailman to the
# listinfo page (recommended).
# RedirectMatch ^/mailman[/]*$ /mailman/listinfo
—————————>>>>><<<<———————
systemctl restart httpd.service
systemctl enable mailman.service
systemctl start mailman.service
***************************************** 21. Install Roundcube webmail ********************
cd /tmp
w!get https://github.com/roundcube/roundcubemail/releases/download/1.4.3/roundcubemail-1.4.3-complete.tar.gz
tar xfz roundcubemail-1.4.3-complete.tar.gz
mkdir /usr/share/roundcubemail
mv /tmp/roundcubemail-1.4.3/* /usr/share/roundcubemail/
chown -R root:root /usr/share/roundcubemail
chown apache /usr/share/roundcubemail/temp
chown apache /usr/share/roundcubemail/logs
# nano /etc/httpd/conf.d/roundcubemail.conf
–> And add the following content to that file:
#
# Round Cube Webmail is a browser-based multilingual IMAP client
#
Alias /roundcubemail /usr/share/roundcubemail
Alias /webmail /usr/share/roundcubemail
# Define who can access the Webmail
# You can enlarge permissions once configured
<Directory /usr/share/roundcubemail/>
Options none
AllowOverride Limit
Require all granted
</Directory>
# Define who can access the installer
# keep this secured once configured
<Directory /usr/share/roundcubemail/installer>
Options none
AllowOverride Limit
Require all granted
</Directory>
# Those directories should not be viewed by Web clients.
<Directory /usr/share/roundcubemail/bin/>
Order Allow,Deny
Deny from all
</Directory>
<Directory /usr/share/roundcubemail/plugins/enigma/home/>
Order Allow,Deny
Deny from all
</Directory>
# systemctl restart httpd.service
# mysql -u root -p [zareef@123]
CREATE DATABASE roundcubedb;
CREATE USER roundcubeuser@localhost IDENTIFIED BY ’roundcubepassword’;
GRANT ALL PRIVILEGES on roundcubedb.* to roundcubeuser@localhost ;
FLUSH PRIVILEGES;
exit
# nano /usr/share/roundcubemail/config/config.inc.php
<?php
/* Local configuration for Roundcube Webmail */
// ———————————-
// SQL DATABASE
// ———————————-
// Database connection string (DSN) for read+write operations
// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
// NOTE: for SQLite use absolute path (Linux): ‘sqlite:////full/path/to/sqlite.db?mode=0646’
// or (Windows): ‘sqlite:///C:/full/path/to/sqlite.db’
$config[‘db_dsnw’] = ‘mysql://roundcubeuser:roundcubepassword@localhost/roundcubedb’;
// ———————————-
// IMAP
// ———————————-
// The IMAP host chosen to perform the log-in.
// Leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
// Supported replacement variables:
// %n – hostname ($_SERVER[‘SERVER_NAME’])
// %t – hostname without the first part
// %d – domain (http hostname $_SERVER[‘HTTP_HOST’] without the first part)
// %s – domain name after the ‘@’ from e-mail address provided at login screen
// For example %n = mail.domain.tld, %t = domain.tld
// WARNING: After hostname change update of mail_host column in users table is
// required to match old user data records with the new host.
$config[‘default_host’] = ‘localhost’;
$config[‘smtp_server’] = ‘localhost’;
$config[‘smtp_port’] = 25;
// provide an URL where a user can get support for this Roundcube installation
// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
$config[‘support_url’] = ”;
// This key is used for encrypting purposes, like storing of imap password
// in the session. For historical reasons it’s called DES_key, but it’s used
// with any configured cipher_method (see below).
$config[‘des_key’] = ‘pb0UucO0eqjgvhrqYlFTBVjE’;
// ———————————-
// PLUGINS
// ———————————-
// List of active plugins (in plugins/ directory)
$config[‘plugins’] = array();
// Set the spell checking engine. Possible values:
// – ‘googie’ – the default (also used for connecting to Nox Spell Server, see ‘spellcheck_uri’ setting)
// – ‘pspell’ – requires the PHP Pspell module and aspell installed
// – ‘enchant’ – requires the PHP Enchant module
// – ‘atd’ – install your own After the Deadline server or check with the people at http://www.afterthedeadline.com before using their API
// Since Google shut down their public spell checking service, the default settings
// connect to http://spell.roundcube.net which is a hosted service provided by Roundcube.
// You can connect to any other googie-compliant service by setting ‘spellcheck_uri’ accordingly.
$config[‘spellcheck_engine’] = ‘pspell’;
$config[‘enable_installer’] = true;
save & exit
http://192.168.0.100/roundcubemail/installer
—> Then press “continue” in the web installer.
—> On the following page, press on the button “Initialize database”.
# nano /usr/share/roundcubemail/config/config.inc.php
change the line:
$config[‘enable_installer’] = true;
to:
$config[‘enable_installer’] = false;
http://192.168.0.100/webmail
N.B. The RoundCube login is the email address and password of an email account that you create later in ISPConfig.
****************************************** 22. Install ISPConfig 3.2 *************************
cd /tmp
w!get -O ispconfig.tar.gz https://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ispconfig.tar.gz
cd ispconfig3*/install/
# php -q install.php
# php install.php
Select language (en,de) [en]: <– Hit Enter
Installation mode (standard,expert) [standard]: <– Hit Enter
Full qualified hostname (FQDN) of the server, <– Hit Enter
MySQL server hostname [localhost]: <– Hit Enter
MySQL server port [3306]: <– Hit Enter
MySQL root username [root]: <– Hit Enter
MySQL root password []: <– zareef@123
MySQL database to create [dbispconfig]: <– Hit Enter
MySQL charset [utf8]: <– Hit Enter
Country Name (2 letter code) [XX]: <– Enter 2 Letter country code, e.g. US
State or Province Name (full name) []: <– Enter anme of State or Province
Locality Name (eg, city) [Default City]: <– Name of city
Organization Name (eg, company) : <– Company name
Organizational Unit Name (eg, section) []: <– Hit Enter
Common Name (eg, your server’s hostname) []: <– Enter server hostname here, in my case: server1.example.com
Email Address []: <– Enter Email address
ISPConfig Port [8080]: <– Hit Enter
Admin password [fad579a6]: <– zareef@123 for ISPConfig admin user
Re-enter admin password []: <– zareef@123
Do you want a secure (SSL) connection <– Hit Enter
Country Name (2 letter code) [XX]: <– Enter 2 Letter country code, e.g. US
State or Province Name (full name) []: <– Enter anme of State or Province
Locality Name (eg, city) [Default City]: <– Name of city
Organization Name (eg, company) : <– Company name
Organizational Unit Name (eg, section) []: <– Hit Enter
Common Name (your server’s hostname) []: <– Enter server hostname here, in my case: server1.example.com
Email Address []: <– Enter Email address
A challenge password []: <– Hit Enter
An optional company name []: <– Hit Enter
http://192.168.0.100:8080/
https://192.168.0.100:8080/