We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
SSL / LetsEncrypt For Vesta GUI Help
SSL / LetsEncrypt For Vesta GUI Help
The documentation page makes no reference to LetsEncrypt so I don't even know if I'm doing it right.
What I did in order to install a LetsEncrypt for the VestaCP GUI is:
- Logged into VestaCP and clicked on "Web"
- Clicked "Edit" on the VestaCP panel (e.g. vestacp.domain.com)
- Checked "SSL Support" and then checked "Lets Encrypt Support" (left SSL Home as public_html)
- Hit Save
I'm assuming this is how it's done (even though it says nothing about a csr/cert being generated prior to clicking Save) because now when I go back to the "Edit" overview for the VestaCP Gui domain, it shows a cert, key, and CA bundle. It also shows information below such as NOT_BEFORE and NOT_AFTER. So I think this is done like it should.
So first of all, can someone confirm that is how installation of an Let's Encrypt SSL certificate is done?
Now as far as my problem goes, despite there being a certificate installed and showing as valid, the browser still sees the certificate as insecure because it's showing what I believe is the self-signed certificate.
Since again there's no documentation on the docs page, I'm not sure if I need to do something further so I restarted Apache. I also attempted to restart VestaCP but couldn't figure out how (it looks like it's running on nginx but 'service nginx restart' did nothing) so I just rebooted the server completely. I opened an incognito (cache-free) browser session and went back to the VestaCP GUI and it's still showing the same error.
What I did in order to install a LetsEncrypt for the VestaCP GUI is:
- Logged into VestaCP and clicked on "Web"
- Clicked "Edit" on the VestaCP panel (e.g. vestacp.domain.com)
- Checked "SSL Support" and then checked "Lets Encrypt Support" (left SSL Home as public_html)
- Hit Save
I'm assuming this is how it's done (even though it says nothing about a csr/cert being generated prior to clicking Save) because now when I go back to the "Edit" overview for the VestaCP Gui domain, it shows a cert, key, and CA bundle. It also shows information below such as NOT_BEFORE and NOT_AFTER. So I think this is done like it should.
So first of all, can someone confirm that is how installation of an Let's Encrypt SSL certificate is done?
Now as far as my problem goes, despite there being a certificate installed and showing as valid, the browser still sees the certificate as insecure because it's showing what I believe is the self-signed certificate.
Since again there's no documentation on the docs page, I'm not sure if I need to do something further so I restarted Apache. I also attempted to restart VestaCP but couldn't figure out how (it looks like it's running on nginx but 'service nginx restart' did nothing) so I just rebooted the server completely. I opened an incognito (cache-free) browser session and went back to the VestaCP GUI and it's still showing the same error.
Code: Select all
Issued to: myvestacplink.domain.com
Issued by: myvestacplink.domain.com
Code: Select all
This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store.
Code: Select all
bash vst-install.sh --nginx no --apache yes --phpfpm no --named no --remi yes --vsftpd no --proftpd yes --iptables yes --fail2ban no --quota yes --exim yes --dovecot yes --spamassassin no --clamav no --mysql yes --postgresql no --hostname xxxxx.xxxxx.net --email xxxxx --password xxxxx
Re: SSL / LetsEncrypt For Vesta GUI Help
Have a look here, vestacp ssl certs are on a different place: viewtopic.php?f=19&t=13057
Re: SSL / LetsEncrypt For Vesta GUI Help
That worked perfectly. Thank you, seeing as you're the author of the script as well. Any idea why there's no reference to that thread as a sticky or something? I'm thinking I cannot possibly be the first one that was experiencing the problem that I had.ScIT wrote:Have a look here, vestacp ssl certs are on a different place: viewtopic.php?f=19&t=13057
Re: SSL / LetsEncrypt For Vesta GUI Help
the thread is already sticky inside of the 3rd party scripts/solutions board. please mark your thread solved.