Page 2 of 3

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Sat Dec 15, 2018 10:54 am
by b79
This has made my day. I was using a script, a built in function is great.

Just out of curiosity how did you come across the: UPDATE_HOSTNAME_SSL='yes'
I can't find it documented anywhere?

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Sat Dec 15, 2018 11:09 am
by MAN5

Code: Select all

- v-add-letsencrypt-domain 'admin' $HOSTNAME '' 'yes'
- v-update-host-certificate admin $HOSTNAME
- echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
Hi Dpeca,
Im still not convincing on these steps yet. As of ScIT's statement, the Exim/Dovecot services must need to be restarted.

viewtopic.php?t=13057&start=30#p70172

I think, this script is not fullfilled his statement yet. ScIT may comment on this concern.

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Sat Dec 15, 2018 2:22 pm
by dpeca
MAN5 wrote:
Sat Dec 15, 2018 11:09 am

Code: Select all

- v-add-letsencrypt-domain 'admin' $HOSTNAME '' 'yes'
- v-update-host-certificate admin $HOSTNAME
- echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
Hi Dpeca,
Im still not convincing on these steps yet. As of ScIT's statement, the Exim/Dovecot services must need to be restarted.

viewtopic.php?t=13057&start=30#p70172

I think, this script is not fullfilled his statement yet. ScIT may comment on this concern.
No.
v-update-host-certificate will restart exim - https://github.com/serghey-rodin/vesta/ ... ficate#L75

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Sat Dec 15, 2018 2:31 pm
by MAN5
Haha, Bravo.
Im not fully learned the vesta scripts yet.
Just realizing this will restart mail/ftp/imap all.. Thank you..

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Tue Jan 15, 2019 9:43 pm
by Loc_rabbirt
I'm new here, so I'm not sure what you mean tying:

Code: Select all

v-change-sys-hostname somedomain
HOSTNAME='somedomain'
I tried changed it in terminal console but seem it not work, the hostname just have one line: name-server, that's all, could you provide some hints?

Resolve!!!!!!!!!!!!!!!!

I just go to Admin Panel > Website > Edit Website > Enable SSL Support > Enable Let's Encrypt and it's work.

P/S: Not sure why it not work before.

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Wed Jan 16, 2019 10:43 am
by dpeca
Loc_rabbirt wrote:
Tue Jan 15, 2019 9:43 pm
I'm new here, so I'm not sure what you mean tying:

Code: Select all

v-change-sys-hostname somedomain
HOSTNAME='somedomain'
I tried changed it in terminal console but seem it not work, the hostname just have one line: name-server, that's all, could you provide some hints?
Your server hostname must be full host address that is already pointing to IP of your server.
Check /etc/hostname to see what is your hostname.
If it's not real host address, change it to some domain that you are hosting, by typing in SSH:

Code: Select all

v-change-sys-hostname somedomain.com
and then:

Code: Select all

HOSTNAME='somedomain.com'
Then do all normal steps, described on first page.

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Mon Jan 28, 2019 1:11 am
by TopeZ
@dpeca

I can confirm my Vesta panel, exim and dovecot are all secured with valid SSL.

You are the F'in boss man, thanks for this tutorial, appreciate it man! All hail dpeca everyone!

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Wed Jan 30, 2019 9:24 am
by prideofelites
What about the wildcards? Thanks

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Wed Jan 30, 2019 9:25 am
by dpeca
Wildcard will come in next version of Vesta.

Re: TUTORIAL: How to install SSL certificate to Vesta, Exim and dovecot daemons

Posted: Fri Feb 01, 2019 12:10 am
by redstorm
UPDATE: right after posting here I went ahead and double checked my DNS settings and realized I was linking the hostname to the floating IP from digital ocean instead of the droplet instead. The domain itself WAS working as I was able to login to the control panel but I am guessing this created some sort of hiccup or issue on the server itself trying to resolve the IP which had resulted in the error below. Once I updated the IP and re-installed, it worked right away and since I didn't change anything else, I am fairly confident that's what did it.

Will leave my original post below just in case someone else comes across the same or similar issue.

===============

I have tried this in different ways following these instructions as well as others but I keep getting a "connection refused" message when letsencrypt tries to validate the acme address.

It would seem that port 80 on the hostname domain simply does not work. Any other subdomain on the system works perfectly fine and can generate letsencrypt, but the hostname only works on port 8083 so it is never able to validate.

[root@server ~]# v-add-letsencrypt-domain 'admin' $HOSTNAME '' 'yes'
Error: Fetching http://***/.well-known/acme-challenge/**: Connection refused

My server is on a subdomain.domain.com and NOT on a domain.com. I can't see that being a problem but thought I would mention it. All subdomains and aliases are properly pointed to the server. Checking and executing the SSL / Letsencrypt option on another test subdomain of the same root domain works without issues. Only the server hostname has this issue.

I have reset and retried things at least a dozen times now without success, always the same error message. This is on a dropbox VPS running centos 7.5

Any help or pointer would be greatly appreciated.