We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
HTTPS Vesta 0.9.8
HTTPS Vesta 0.9.8
Hello,
I've created little gist, which would help you getting https ready.
Link: https://gist.github.com/wodCZ/12f230bf670a3e84d3c7
It contains LetsEncrypt scripts and updated Force-https template. While not totally automatic, it helps a lot (cca 30 seconds to enable https and setup auto renew).
Comment on gist please, as I don't come here regularly.
I've created little gist, which would help you getting https ready.
Link: https://gist.github.com/wodCZ/12f230bf670a3e84d3c7
It contains LetsEncrypt scripts and updated Force-https template. While not totally automatic, it helps a lot (cca 30 seconds to enable https and setup auto renew).
Comment on gist please, as I don't come here regularly.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: HTTPS Vesta 0.9.8
Can we install a free LetsEncrypt SSL for the control panel itself ? like I open https://VestacpIP:8083 to be secured under the free SSl ?
please advise
please advise
Re: HTTPS Vesta 0.9.8
@mecha Yes you can do that, im using letsencrypt to my hostname but i registered my tld first then subdomain.
Re: HTTPS Vesta 0.9.8
I've generated certs for my domain (ikw.cz) and then symlinked fullchain.pem a privkey.pem to /usr/local/vesta/certificate.crt and certificate.key.mehargags wrote:Can we install a free LetsEncrypt SSL for the control panel itself ? like I open https://VestacpIP:8083 to be secured under the free SSl ?
please advise
Warning: replacing vesta certificates will affect exim and other services. As I don't use them, I can't tell if this will break your mails or not!
Something like this should do the job:
Code: Select all
mv /usr/local/vesta/certificate.crt /usr/local/vesta/certificate.crt.old
mv /usr/local/vesta/certificate.key /usr/local/vesta/certificate.key.old
ln -s /etc/letsencrypt/live/ikw.cz/fullchain.pem /usr/local/vesta/certificate.crt
ln -s /etc/letsencrypt/live/ikw.cz/privkey.pem /usr/local/vesta/certificate.key
service vesta restart
Last edited by wodCZ on Sun Feb 14, 2016 9:46 pm, edited 1 time in total.
Re: HTTPS Vesta 0.9.8
I'm thinking about creating plugin for this, but didn't have time to look at Vesta plugin API, if sth like that exists.
Will have a look at that in this week probably.
Will have a look at that in this week probably.
Re: HTTPS Vesta 0.9.8
How to renew
/usr/local/vesta/ssl/certificate.crt and .key
files when you use the VestaCP with IP address and not domain name like 1.2.3.4:8083 ?
/usr/local/vesta/ssl/certificate.crt and .key
files when you use the VestaCP with IP address and not domain name like 1.2.3.4:8083 ?
Re: HTTPS Vesta 0.9.8
lets encrypt does not work with public ips, you need to have a domain for the controlpanel. but this can be also a subdomain. then you can also use this script here to get the cert working: http://forum.vestacp.com/viewtopic.php?f=19&t=13057petron wrote:How to renew
/usr/local/vesta/ssl/certificate.crt and .key
files when you use the VestaCP with IP address and not domain name like 1.2.3.4:8083 ?