We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
This has made my day. I was using a script, a built in function is great.
Just out of curiosity how did you come across the: UPDATE_HOSTNAME_SSL='yes'
I can't find it documented anywhere?
Just out of curiosity how did you come across the: UPDATE_HOSTNAME_SSL='yes'
I can't find it documented anywhere?
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
Code: Select all
- v-add-letsencrypt-domain 'admin' $HOSTNAME '' 'yes'
- v-update-host-certificate admin $HOSTNAME
- echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
Im still not convincing on these steps yet. As of ScIT's statement, the Exim/Dovecot services must need to be restarted.
viewtopic.php?t=13057&start=30#p70172
I think, this script is not fullfilled his statement yet. ScIT may comment on this concern.
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
No.MAN5 wrote: ↑Sat Dec 15, 2018 11:09 amHi Dpeca,Code: Select all
- v-add-letsencrypt-domain 'admin' $HOSTNAME '' 'yes' - v-update-host-certificate admin $HOSTNAME - echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
Im still not convincing on these steps yet. As of ScIT's statement, the Exim/Dovecot services must need to be restarted.
viewtopic.php?t=13057&start=30#p70172
I think, this script is not fullfilled his statement yet. ScIT may comment on this concern.
v-update-host-certificate will restart exim - https://github.com/serghey-rodin/vesta/ ... ficate#L75
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
Haha, Bravo.
Im not fully learned the vesta scripts yet.
Just realizing this will restart mail/ftp/imap all.. Thank you..
Im not fully learned the vesta scripts yet.
Just realizing this will restart mail/ftp/imap all.. Thank you..
-
- Posts: 25
- Joined: Fri Nov 18, 2016 3:36 pm
- Os: CentOS 6x
- Web: apache + nginx
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
I'm new here, so I'm not sure what you mean tying:
I tried changed it in terminal console but seem it not work, the hostname just have one line: name-server, that's all, could you provide some hints?
Resolve!!!!!!!!!!!!!!!!
I just go to Admin Panel > Website > Edit Website > Enable SSL Support > Enable Let's Encrypt and it's work.
P/S: Not sure why it not work before.
Code: Select all
v-change-sys-hostname somedomain
HOSTNAME='somedomain'
Resolve!!!!!!!!!!!!!!!!
I just go to Admin Panel > Website > Edit Website > Enable SSL Support > Enable Let's Encrypt and it's work.
P/S: Not sure why it not work before.
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
Your server hostname must be full host address that is already pointing to IP of your server.Loc_rabbirt wrote: ↑Tue Jan 15, 2019 9:43 pmI'm new here, so I'm not sure what you mean tying:
I tried changed it in terminal console but seem it not work, the hostname just have one line: name-server, that's all, could you provide some hints?Code: Select all
v-change-sys-hostname somedomain HOSTNAME='somedomain'
Check /etc/hostname to see what is your hostname.
If it's not real host address, change it to some domain that you are hosting, by typing in SSH:
Code: Select all
v-change-sys-hostname somedomain.com
Code: Select all
HOSTNAME='somedomain.com'
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
@dpeca
I can confirm my Vesta panel, exim and dovecot are all secured with valid SSL.
You are the F'in boss man, thanks for this tutorial, appreciate it man! All hail dpeca everyone!
I can confirm my Vesta panel, exim and dovecot are all secured with valid SSL.
You are the F'in boss man, thanks for this tutorial, appreciate it man! All hail dpeca everyone!
-
- Posts: 2
- Joined: Wed Jan 30, 2019 9:12 am
- Contact:
- Os: Ubuntu 17x
- Web: apache + nginx
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
What about the wildcards? Thanks
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
Wildcard will come in next version of Vesta.
Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons
UPDATE: right after posting here I went ahead and double checked my DNS settings and realized I was linking the hostname to the floating IP from digital ocean instead of the droplet instead. The domain itself WAS working as I was able to login to the control panel but I am guessing this created some sort of hiccup or issue on the server itself trying to resolve the IP which had resulted in the error below. Once I updated the IP and re-installed, it worked right away and since I didn't change anything else, I am fairly confident that's what did it.
Will leave my original post below just in case someone else comes across the same or similar issue.
===============
I have tried this in different ways following these instructions as well as others but I keep getting a "connection refused" message when letsencrypt tries to validate the acme address.
It would seem that port 80 on the hostname domain simply does not work. Any other subdomain on the system works perfectly fine and can generate letsencrypt, but the hostname only works on port 8083 so it is never able to validate.
[root@server ~]# v-add-letsencrypt-domain 'admin' $HOSTNAME '' 'yes'
Error: Fetching http://***/.well-known/acme-challenge/**: Connection refused
My server is on a subdomain.domain.com and NOT on a domain.com. I can't see that being a problem but thought I would mention it. All subdomains and aliases are properly pointed to the server. Checking and executing the SSL / Letsencrypt option on another test subdomain of the same root domain works without issues. Only the server hostname has this issue.
I have reset and retried things at least a dozen times now without success, always the same error message. This is on a dropbox VPS running centos 7.5
Any help or pointer would be greatly appreciated.
Will leave my original post below just in case someone else comes across the same or similar issue.
===============
I have tried this in different ways following these instructions as well as others but I keep getting a "connection refused" message when letsencrypt tries to validate the acme address.
It would seem that port 80 on the hostname domain simply does not work. Any other subdomain on the system works perfectly fine and can generate letsencrypt, but the hostname only works on port 8083 so it is never able to validate.
[root@server ~]# v-add-letsencrypt-domain 'admin' $HOSTNAME '' 'yes'
Error: Fetching http://***/.well-known/acme-challenge/**: Connection refused
My server is on a subdomain.domain.com and NOT on a domain.com. I can't see that being a problem but thought I would mention it. All subdomains and aliases are properly pointed to the server. Checking and executing the SSL / Letsencrypt option on another test subdomain of the same root domain works without issues. Only the server hostname has this issue.
I have reset and retried things at least a dozen times now without success, always the same error message. This is on a dropbox VPS running centos 7.5
Any help or pointer would be greatly appreciated.