We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Self-signed SSL certificate Generation and 4 other questions
Self-signed SSL certificate Generation and 4 other questions
@skid:
Vestacp is a great domain control panel (except most of support threads are in Russian). I have a few questions:
1. How can one generate self-signed SSL certificates from vestacp like in ISPConfig3? If not is it the safest way to generate one from cli or vp script to create site ssl? If latter, any examples?
2. How does vestacp support SNI vhosts config generation with nginx? Where does one need to make changes to run nginx running at a different port (say 8888) by default so that one can deploy varnish for webcache in front of nginx?
3. How does vestacp handles if services are in different servers, I meant separate hosts for web, mail, dns, db and others?
4. How does vestacp performs under OS-level virtualization (openvz/lxc)? Any pros and cons of such setup?
5. Does vestacp have plan to support FreeBSD and jails in the future?
6. Does vestacp conflicts with Ajenti?
Thanks in advance.
Vestacp is a great domain control panel (except most of support threads are in Russian). I have a few questions:
1. How can one generate self-signed SSL certificates from vestacp like in ISPConfig3? If not is it the safest way to generate one from cli or vp script to create site ssl? If latter, any examples?
2. How does vestacp support SNI vhosts config generation with nginx? Where does one need to make changes to run nginx running at a different port (say 8888) by default so that one can deploy varnish for webcache in front of nginx?
3. How does vestacp handles if services are in different servers, I meant separate hosts for web, mail, dns, db and others?
4. How does vestacp performs under OS-level virtualization (openvz/lxc)? Any pros and cons of such setup?
5. Does vestacp have plan to support FreeBSD and jails in the future?
6. Does vestacp conflicts with Ajenti?
Thanks in advance.
Last edited by gtzen on Wed Dec 04, 2013 11:51 am, edited 1 time in total.
Re: Self-signed SSL certificate Generation and 4 other quest
1. You can generate self-signed certificate using openssl tool. We are planing to add CSR generator in the feature releases
2. SNI works out of the box without additional changes. Configuration templates are stored here /usr/local/vesta/data/templates
3. Check multi server setup topic
4. There is no known issues.
5. Not really, but maybe later we will change our point.
6. Not sure, I never tested it.
2. SNI works out of the box without additional changes. Configuration templates are stored here /usr/local/vesta/data/templates
3. Check multi server setup topic
4. There is no known issues.
5. Not really, but maybe later we will change our point.
6. Not sure, I never tested it.
Re: Self-signed SSL certificate Generation and 4 other quest
Thanks for your prompt reply. Won't it be nice if you separate Russian language support from English ones?
1. I also meant openssl. But I saw a script v-add-web-domain-ssl, what is that for?
2. Thanks for the location pointer.
3. I checked, but can you tell me the tentative time when mail layer clusting happens in multiserver setup?
1. I also meant openssl. But I saw a script v-add-web-domain-ssl, what is that for?
2. Thanks for the location pointer.
3. I checked, but can you tell me the tentative time when mail layer clusting happens in multiserver setup?
Re: Self-signed SSL certificate Generation and 4 other quest
1. In vesta CLI you can do everything you do in the web interface and even more. Script v-add-web-domain-ssl allows you to add SSL certificate to existing domain
vestacp.com.crt (certificate)
vestacp.com.key (key)
vestacp.com.ca (certificate authority)
so I can run script with following arguments
v-add-web-domain-ssl admin vestacp.com /tmp/cert
2. Sure
3. Our tentative to make in within 3 months.
Before running that script you should create temporary directory with 3 files. In my example I created /tmp/cert and put following there:[root@nxt ~]# v-add-web-domain-ssl
Error: not enought arguments
Usage: v-add-web-domain-ssl USER DOMAIN SSL_DIR [SSL_HOME] [RESTART]
vestacp.com.crt (certificate)
vestacp.com.key (key)
vestacp.com.ca (certificate authority)
so I can run script with following arguments
v-add-web-domain-ssl admin vestacp.com /tmp/cert
2. Sure
3. Our tentative to make in within 3 months.
Re: Self-signed SSL certificate Generation and 4 other quest
We no have plans to support FreeBSD5. Does vestacp have plan to support FreeBSD and jails in the future?
This OS have many problems with repositories