Let's Encrypt for VestaCP System (8083) and exim4 Topic is solved

Section with additional software for Vesta
ScIT
Posts: 234
Joined: Mon Feb 23, 2015 4:13 pm

Let's Encrypt for VestaCP System (8083) and exim4  Topic is solved

Postby ScIT » Wed Nov 09, 2016 10:06 am

Hi @ all

For our internal VestaCP Systems I've written a short script to use the Let's Encrypt SSL Certificates for VestaCP (8083) and exim4.

First of all:
- Create your domain in WEB (for example server.domain.tld)
- Add a Let's Encrypt Certificate with v-add-letsencrypt-domain user domain
- Create and modify the script you will find here: https://git.scit.ch/rs/VestaCP-SystemSSL

Tested on Ubuntu 14.04 and Debian 8.

Please let me know if it also works for you, if you have any problems post it here or use the "Issue"-Function from our GitLab Server.

Why you should use this way instead of "create only symlinks of the cert files": viewtopic.php?p=56451#p56428
Last edited by ScIT on Sat Feb 11, 2017 2:12 pm, edited 1 time in total.

core01
Posts: 16
Joined: Sun Oct 23, 2016 11:11 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby core01 » Wed Nov 23, 2016 7:23 am

Is this script actual?

Can i use LE cert for sending mail ?

ScIT
Posts: 234
Joined: Mon Feb 23, 2015 4:13 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby ScIT » Thu Nov 24, 2016 8:47 am

core01 wrote:Is this script actual?

Can i use LE cert for sending mail ?


yes script is actual, don't know what you exactly mean with "sending email". But but it will also work for exim4 service, so you will have a trusted cert.

script is working on 4 productive web, and 4 "dns-only" servers.

core01
Posts: 16
Joined: Sun Oct 23, 2016 11:11 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby core01 » Thu Nov 24, 2016 4:24 pm

ScIT wrote:
core01 wrote:Is this script actual?

Can i use LE cert for sending mail ?


yes script is actual, don't know what you exactly mean with "sending email". But but it will also work for exim4 service, so you will have a trusted cert.

script is working on 4 productive web, and 4 "dns-only" servers.


I mean Can i use SSL Certificates with Exim http://www.exim.org/exim-html-current/d ... lsssl.html

ScIT
Posts: 234
Joined: Mon Feb 23, 2015 4:13 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby ScIT » Thu Nov 24, 2016 7:31 pm

core01 wrote:I mean Can i use SSL Certificates with Exim http://www.exim.org/exim-html-current/d ... lsssl.html


Yes, if your exim is pointed to the vestacp ssl certs (as far as i know this should be by default), it will work and also restart exim4 automatically.

core01
Posts: 16
Joined: Sun Oct 23, 2016 11:11 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby core01 » Sat Nov 26, 2016 8:33 pm

Hmm, i tried certificates and phpmailer can't send email on php > 5.6
https://github.com/PHPMailer/PHPMailer/ ... nistic-tls
I can't

Code: Select all

$mail->SMTPAutoTLS = false;
in my web application because modifying core classes of CMS is bad.

ScIT
Posts: 234
Joined: Mon Feb 23, 2015 4:13 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby ScIT » Sat Nov 26, 2016 8:37 pm

core01 wrote:Hmm, i tried certificates and phpmailer can't send email on php > 5.6
https://github.com/PHPMailer/PHPMailer/ ... nistic-tls
I can't

Code: Select all

$mail->SMTPAutoTLS = false;
in my web application because modifying core classes of CMS is bad.

Please open a new thread for your problem. This is not related to my script, my script only checks if the vesta cp ssl cert is older than existing one, replace it and restart the services.

SS88
Posts: 298
Joined: Thu Nov 19, 2015 12:40 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby SS88 » Thu Dec 01, 2016 12:37 am

core01 wrote:Can i use LE cert for sending mail ?


You need a full CA for exim - one certificate from LE will not work.

xjlin0
Posts: 22
Joined: Fri Dec 30, 2016 2:22 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby xjlin0 » Sun Jan 08, 2017 5:42 am

Just want to share, I used ScIT's script to copy my Let's encrypt cert/key and it works, I can still sending/receiving ordinary email within Roundcube at https://my.site/webmail/ No TLS errors while enjoy VestaCP panel under https.

My system is Debian 8.6 Jessie, with PHP 5.6.29 and Vesta CP 0.9.8.17, with exim+dovecot+spamassassin+clamav

billmedina
Posts: 5
Joined: Tue Jan 31, 2017 10:29 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby billmedina » Tue Jan 31, 2017 10:32 pm

ln - s /etc/letsencrypt/live/[mydomain.com]/cert.pem /usr/local/vesta/ssl/certificate.crt
ln -s /etc/letsencrypt/live/[mydomain.com]/privkey.pem /usr/local/vesta/ssl/certificate.key
service vesta restart


Return to “3rd Party Software”



Who is online

Users browsing this forum: No registered users and 3 guests