Vesta Control Panel - Forum

Let's Encrypt is an upcoming free Certificate Authority for creating ssl certs. So everyone can be secure without having to pay the price. See https://letsencrypt.org for more info, backed by linux foundation and other big companies

Good news!
But they already give trusted certificates or not yet? I don't understand.

PS: Wosign and StartSSL not alone on free certificates field ;-)

Let's Encrypt is scheduled to go live this month or October. As you might know it's a command line tool, so it would be totaly awesome if Vesta would embed it.

How awesome (and save) would that be? Activate SSL support in the Control Panel and instantly get a valid certificate.

Are you guys allready looking in to this? https://letsencrypt.org/howitworks/

+1

I would really love if this came preinstalled with vesta to generate FREE trusted SSLs for your domains :D

I am one of the beta testers of let's encrypt and currently it isn't yet good enough to integrate into vestaCP. There are also some disadvantages that must definitely be considered first. (Certificate is only valid for 90 days ...)

Let's Encrypt program needs to read conf file or VHost setting to know what site you need certificates.
But Vesta's way can't let the Let's Encrypt program to find the site, especially the site's DNS records are not in Vesta system.
So I think Vesta needs to adjust some setting to support Let's Encrypt.

I am a Let's Encrypt tester but can't get a certificates by its program. So sad. :(

tjebbeke wrote:I am one of the beta testers of let's encrypt and currently it isn't yet good enough to integrate into vestaCP. There are also some disadvantages that must definitely be considered first. (Certificate is only valid for 90 days ...)

Nice! Can you tell about beta something cool? ;-)

molen wrote:Let's Encrypt program needs to read conf file or VHost setting to know what site you need certificates.
But Vesta's way can't let the Let's Encrypt program to find the site, especially the site's DNS records are not in Vesta system.

Why? Let's Encrypt can't read path, or you can't choose where config file are?

molen wrote:So I think Vesta needs to adjust some setting to support Let's Encrypt.
I am a Let's Encrypt tester but can't get a certificates by its program. So sad. :(

When this software will be in production, not in limited beta, then some tests make sense.. now it's just for fun only.

molen wrote:I am a Let's Encrypt tester but can't get a certificates by its program. So sad. :(

Without direct integration into Vesta it's a little manual, but it's perfectly doable. Have you managed to sort it out? Let me know if you need some pointers...

tjebbeke wrote:I am one of the beta testers of let's encrypt and currently it isn't yet good enough to integrate into vestaCP. There are also some disadvantages that must definitely be considered first. (Certificate is only valid for 90 days ...)

The 90 day validity is a design choice. The whole point is that the issuing process is automated, so you can simply have a cron job to renew your certificates.

Of course, if it was integrated into Vesta then it could be totally automated...