HTTPS on main site, but not port 8083

Posted: Mon Jan 02, 2017 11:21 am
by missionaryman
Hi all,

Seriously impressed to see the implementation of "let's encrypt" on the webserver. Incredibly useful!

I've used the let's encrypt option for a number of sites on my server, and it works perfectly; however, I can't seem to get it to work for port 8083 with the admin site.

https://mainsite.com works with SSL using let's encrypt

https://admin.mainsite.com works with SSL using let's encrypt

https://admin.mainsite.com:8083 does NOT work with SSL using let's encrypt. The error I get from Chrome is "your connection to this site is not secure".

Can anyone help or advise?

Thanks, and Happy New Year!

MM

Re: HTTPS on main site, but not port 8083

Posted: Mon Jan 02, 2017 12:36 pm
by missionaryman
Ok, so a little research and I found that the server settings have an old SSL certificate that is out of date installed. How do I delete this? I've tried deleting the text and saving the settings, but it doesn't remove it.

Re: HTTPS on main site, but not port 8083

Posted: Mon Jan 02, 2017 1:45 pm
by missionaryman
I've also tried renaming the certificate files in:

/usr/local/vesta/ssl

but that just resulted in the 8083 admin area being inaccessible.

If I have a letsencrypt SSL cert configured for admin.mainsite.com, is that not able to be used by admin.mainsite.com:8083?

Re: HTTPS on main site, but not port 8083

Posted: Mon Jan 02, 2017 3:26 pm
by missionaryman
So, a little bit more research ...

let's encrypt creates and stores its SSL certs in:

/home/username/conf/web

and lists them as:

ssl.website.crt
ssl.website.key

whereas the vesta control panel stores its SSL certs in:

/usr/local/vesta/ssl

and lists them as:

certificate.crt
certificate.key

so I renamed the old cert files and then created symlinks to point to the new ones:

ln -s /home/username/conf/web/ssl.website.crt /usr/local/vesta/ssl/certificate.crt
ln -s /home/username/conf/web/ssl.website.key /usr/local/vesta/ssl/certificate.key

I then restarted vesta:

service vesta restart

Cleared my browser cache, and ping! My vesta control panel now works via SSL, using the let's encrypt certificate provided for the website.

It all seems to work fine. My only concern now is what permissions should my symlinks be set to? They're currently rather "open", shall we say!

Hopefully, this will help others.

MM
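On the symlink-permissions question in the post above, an added example that is not part of the thread: on Linux a symlink's own mode is not used for access checks, so this script audits the file the link resolves to and every directory on the way to it. It assumes GNU coreutils; the function names and the script name are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Needs GNU coreutils (readlink -f, stat -c).
# A symlink's own lrwxrwxrwx mode is not used for access checks on Linux; what
# counts is the target file's mode and every directory on the resolved path.

# Final target after following every symlink in the chain.
resolve_target() {
    readlink -f -- "$1"
}

# Octal mode of the target (stat -L follows the link), e.g. 640.
target_mode() {
    stat -L -c '%a' -- "$1"
}

# Prints: missing | world-access | group-access | owner-only
classify_key() {
    [ -e "$1" ] || { echo missing; return; }
    mode=$(target_mode "$1")
    if [ $(( mode % 10 )) -ne 0 ]; then
        echo world-access      # any "other" bit set on a private key
    elif [ $(( mode / 10 % 10 )) -ne 0 ]; then
        echo group-access      # acceptable only if the group is intended
    else
        echo owner-only
    fi
}

# Lists directories on the resolved path that lack the "other" execute bit.
# An account that is neither owner nor group member cannot get past them.
blocked_dirs() {
    dir=$(dirname -- "$(resolve_target "$1")")
    while :; do
        m=$(stat -c '%a' -- "$dir")
        [ $(( m % 10 & 1 )) -eq 1 ] || echo "$dir"
        [ "$dir" = / ] && break
        dir=$(dirname -- "$dir")
    done
}

# Usage: sh audit-links.sh /usr/local/vesta/ssl/certificate.key ...
for p in "$@"; do
    echo "$p -> $(resolve_target "$p") [$(classify_key "$p")]"
    blocked_dirs "$p" | sed 's/^/  other cannot traverse: /'
done
```

A daemon running under its own account needs read access to the resolved key file and traverse access to each listed directory, through owner, group or other bits; POSIX ACLs are not considered by this check.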

Re: HTTPS on main site, but not port 8083

Posted: Mon Jan 02, 2017 7:25 pm
by ScIT

Re: HTTPS on main site, but not port 8083

Posted: Mon Jan 02, 2017 7:28 pm
by missionaryman
Already sorted. Thanks.

Re: HTTPS on main site, but not port 8083

Posted: Tue Jan 03, 2017 10:01 am
by missionaryman
If this helps anyone, please let me know by replying to this thread. Thanks.

MM

Re: HTTPS on main site, but not port 8083

Posted: Tue Jan 03, 2017 10:14 am
by ScIT
missionaryman wrote:
If this helps anyone, please let me know by replying to this thread. Thanks.

MM

It will not help, because the symlink will produce a permission error for exim. You will see this in mainlog, that exim can't open the log. I had that problem already, that's why I've written the guide above.

Re: HTTPS on main site, but not port 8083

Posted: Tue Jan 03, 2017 10:20 am
by missionaryman
Thanks for letting me know. How did you fix it?

Re: HTTPS on main site, but not port 8083

Posted: Tue Jan 03, 2017 10:22 am
by ScIT
missionaryman wrote:
Thanks for letting me know. How did you fix it?

Have a look here: http://forum.vestacp.com/viewtopic.php?f=19&t=13057