首先必须开启SNI功能，以支持单IP绑定多个证书。官方帮助文档见:Allow SNI for shared IP SSL certificates
简单来说，就是在DA配置文件/usr/local/directadmin/conf/directadmin.conf中添加行语句：

[php]enable_ssl_sni=1[/php]

DirectAdmin开启自动配置Let’s Encrypt免费证书

详见官方文档：How to enable LetsEncrypt
简单来说，就是在DA配置文件/usr/local/directadmin/conf/directadmin.conf中添加行语句：
letsencrypt=1

开启SSL和配置好Let’s Encrypt自动证书后，需要重启DA：

然后重写主机配置，主要是要把.well-known做指向

官方还建议做一次更新检测，新装的环境一般没必要。老环境升级建议做：

做好如上配置后，在用户控制面板中，能看到SSL图标。

生成与配置域名证书

首先要做域名解析。必须要把裸域@和主机www都解析到服务器的IP上。经测试通畅后，在进行后面的操作。
进入用户控制面板，点击SSL图标进入配置，地址一般应该是 //www.directadmin.com:8888/CMD_SSL?domain=abc.com
点击 Generate new certificate，然后选 Free & automatic certificate from Let's Encrypt

如图所示，这里面重要的是email地址不能乱写，必须写一个真实存在的可以接收邮件的地址。密钥长度肯定是越长越好，选4096和SHA256加密。

下一步要选域名了，按需选择，但是裸域是必选的。默认选了裸域和www主机名。

点确定保存即可。

此后DA会进行自动生成操作。如果出现错误，一般是域名没解析、Email地址不对、.well-known没找到之类的问题。

wget http://www.directadmin.com/setup.sh

chmod 755 setup.sh

./setup.sh

提示是否需要执行脚本预安装必须的第三方软件包  输入 y

*****************************************************
 *
 * DirectAdmin requires certain packages, described here:
 * http://help.directadmin.com/item.php?id=354
 *
 * Would you like to install these required pre-install packages? (y/n): y

*****************************************************
Please enter your Client ID : 用户ID
Please enter your License ID : 授权ID
Please enter your hostname (server.domain.com)
It must be a Fully Qualified Domain Name
Do *not* use a domain you plan on using for the hostname:
eg. don't use domain.com. Use server.domain.com instead.
Do not enter http:// or www

Enter your hostname (FQDN) : 主机名
Client ID: *****
License ID: ******
Hostname: ***.**
Is this correct? (y,n) : y
Is eth0 your network adaptor with the license IP (**.***.**.**)? (y,n) : y
Your external IP: 
The external IP should typically match your license IP.

Is **.**.**.** the IP in your license? (y,n) : y

DirectAdmin will now be installed on: Enterprise 7.2
Is this correct? (must match license) (y,n) : y

Would you like the default settings of apache 2.4 with mod_ruid2 and php 5.5 cli? (y/n): n

Would you like to backup the current options.conf? (yes/no): yes
Backup created: /usr/local/directadmin/custombuild/options.conf.20151105102436.backup

Please select webserver you would like to use (apache/nginx/nginx_apache/litespeed):apache

Please select FTP server you would like to use (proftpd/pureftpd/no):proftpd

Please select default PHP version you would like to use (5.3/5.4/5.5/5.6/7.0):5.3
Please select default PHP mode you would like to use (php-fpm/fastcgi/suphp/lsphp/mod_php):suphp
Would you like to have a second instance of PHP installed? (yes/no): no

Please select if you would like to use ionCube (yes/no):yes
 
Please select if you would like to use Zend Guard Loader (yes/no):yes
 
Please select if you would like to use suhosin (yes/no):yes
 
Please select if you would like CustomBuild to manage Exim installation (yes/no):no
 
Please select if you would like CustomBuild to manage Dovecot installation (yes/no):no
 
Please select if you would like CustomBuild to manage phpMyAdmin installation (yes/no):yes
 
Please select if you would like CustomBuild to manage SquirrelMail installation (yes/no):no
 
Please select if you would like CustomBuild to manage RoundCube installation (yes/no):no

Would you like to search for the fastest download mirror? (y/n): y

## INSTALL_COMPLETE
## ACCOUNT_INFO
 
 
The following information has been set:
 
Admin username:   admin
Admin password:   Axxxxxx2
Admin email:      admin@testda.vvv.com
 
 
Server IP: 192.x.x.x
Server Hostname: testda.vvv.com
 
To login now, follow this link:
 
http://192.x.x.x:2222
 
and enter your Admin username and password when prompted.
 
You should now visit http://admin.site-helper.com and http://www.directadmin.com/newinstall.html to learn how to get started.
 
Thank you for using DirectAdmin.  Should you have any questions, don't hesitate to contact us at support@directadmin.com
 
## REPORT_END
Permissions set
 
System Security Tips:
  http://help.directadmin.com/item.php?id=247