Vesta Control Panel - Forum

Hi :)

I want to move several websites from a vestacp server (nginx+apache2) to another (nginx+php-fm), but without use the vestacp backup script.
I have built a script to move database, files, etc... but I'm blocked with the LE certificat : how to copy and setting up the let's encrypt certs from old server to new one, to avoid disruption during DNS change ?

I have found https://serverfault.com/questions/83800 ... ver-to-ano but I don't know how to adapt it to VestaCP

I used the vesta cli and it moves the let's encrypt cert just fine. I can't imagine a reason you'd not want to use it. It works quickly and simply.

I can't use v-backup because several websites are managed by the same user on old server, and they will be moved to their own user on the new server.
Furthermore, some websites where "hacked" on the past, and I want to moved them by hand, with a very clean install.

That are the main reason I want to move them by my own way and why I need your help with the SSL cert :)

One option: You can set up the website on the new server, before switching the DNS over. From the Admin > Web section, edit the site on the new server, and activate SSL. You may manually copy and paste the text of the certs from the current server into the new server. There are three boxes, just duplicate them from one server to the other.

That will allow you to get up and running. Once you've switched the DNS record over to the new server, remember to turn on Letsencrypt for the website, so that the certs will get renewed.

Yes ! yes !
Thanks a lot plutocat, you saved - not my life - but a lot of headache !!!

I'm now looking the way to do this by CLI.
With your tip, I realized I could copied from the old server the files /home/USER/conf/ssl.DOMAIN.TLD.{ca,crt,key,pem} to the new server.
I also have to get back the files /home/USER/conf/DOMAIN.TLD.{apache2,nginx}.ssl.conf

But my last problem is : how to activate by CLI the SSL for this domain with using the copied certs ?

Maybe I have to change some stuff inside vestacp database, but it's not a big deal if you can help me to find what exactly :)

Maybe v-add-web-domain-ssl ?
# info: adding ssl for domain
# options: USER DOMAIN SSL_DIR [SSL_HOME] [RESTART]
#
# The function turns on SSL support for a domain. Parameter ssl_dir is a path
# to directory where 2 or 3 ssl files can be found. Certificate file
# domain.tld.crt and its key domain.tld.key are mandatory. Certificate
# authority domain.tld.ca file is optional. If home directory parameter
# (ssl_home) is not set, https domain uses public_shtml as separate
# documentroot directory.

I don't know if this will work. I don't have a domain to try it on, but if you look in /var/log/vesta/system.log you'll see examples of how it is used.

v-add-web-domain-ssl 'admin' 'www.domain.com' '/cert/dir' 'same' 'same' 'same' 'same'

Thanks again, it's look nearly good !

I could add the certs with this command : The point was I had to make symlink from /home/USER/conf/web/ssl.DOMAIN.TLD.{crt,ca,key} to /home/USER/conf/web/DOMAIN.TLD.{crt,ca,key} because v-add-web-domain-ssl looks for /home/USER/conf/web/DOMAIN.TLD.{crt,ca,key} (without the prefix ssl.) I don't know why...

So it's not very clean, but it's working...

I just first move the domain I want to split from a pack to a new user on the original server. Then I back it up, and then restore. You'll have to do a couple of things around that, like change database names in any configs to reflect the new database name that is based on the user.