Page 1 of 4

Let's Encrypt - How to use

Posted: Tue Jul 26, 2016 7:35 am
by teochristian
Hello!
I just saw you added Let's Encrypt official support. It is great, but I don't know how to use it.

Code: Select all

v-add-letsencrypt-domain USER DOMAIN [ALIASES] [RESTART]
v-add-letsencrypt-user USER [EMAIL]
v-check-letsencrypt-domain USER DOMAIN
v-list-letsencrypt-user USER [FORMAT]
v-sign-letsencrypt-csr USER DOMAIN CSR_DIR [FORMAT]
v-update-letsencrypt-ssl
Which of the commands before I should use to make my domain example.com with ssl? Please write an example for "example.com" domain name (I want to activate ssl to be https://example.com). And I also know that the certificate expires at 90 days, does it will be automatically renewed? If not, how to renew it?

Thanks!!!!

Re: Let's Encrypt - How to use

Posted: Wed Jul 27, 2016 6:06 am
by teochristian
Anyone, please? Thank you!

Re: Let's Encrypt - How to use

Posted: Fri Jul 29, 2016 8:11 am
by SS88

Code: Select all

v-add-letsencrypt-domain USERNAME DOMAIN
Creates a certificate and enables SSL on the domain name.

Any problems when issuing a command like this: /usr/local/vesta/bin/v-add-letsencrypt-user: line 59: xxd: command not found

Code: Select all

yum install vim-common
and re-try the code again.

Code: Select all

v-update-letsencrypt-ssl
This script automatically checks all the certificates issued and will renew them if they are close to expiration.

Re: Let's Encrypt - How to use

Posted: Fri Aug 05, 2016 8:36 am
by sennevb
anyone a step by step guide how to do this for vestacp conbtrolpanel itself?

do i need a cron job to do : v-update-letsencrypt-ssl or does vestacp do that automatically??

Re: Let's Encrypt - How to use

Posted: Fri Aug 05, 2016 2:21 pm
by SS88
sennevb wrote:anyone a step by step guide how to do this for vestacp conbtrolpanel itself?

do i need a cron job to do : v-update-letsencrypt-ssl or does vestacp do that automatically??
This is only CLI. Next Vesta release will include the GUI.

Re: Let's Encrypt - How to use

Posted: Sat Aug 06, 2016 2:21 pm
by abst
When use v-add-letsencrypt-domain USERNAME DOMAIN i have problem:

Code: Select all

Error: LetsEncrypt account registration 400
How fix it?

Re: Let's Encrypt - How to use

Posted: Sat Aug 06, 2016 3:18 pm
by SS88
Try:

Code: Select all

yum install vim-common
I get this error after the fix I think it's letsEncrypt side but I have not had time to look into it yet :(

Re: Let's Encrypt - How to use

Posted: Thu Aug 11, 2016 2:37 pm
by skurudo
Change line 44 of: /usr/local/vesta/bin/v-add-letsencrypt-user

Code: Select all

agreement='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
Thanks to abst from russian branch - http://forum.vestacp.com/viewtopic.php? ... 317#p48649

Re: Let's Encrypt - How to use

Posted: Sat Aug 13, 2016 3:51 am
by gursl
Hello after following the steps and add the agreement. There is still a error message , please can you suggest how to proceed?

I have done:
1)

Code: Select all

yum install vim-common
2)
Change line 44 of: /usr/local/vesta/bin/v-add-letsencrypt-user

Code: Select all

agreement='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
3)

Code: Select all

v-add-letsencrypt-domain USERNAME DOMAIN
Result:

Code: Select all

chown: cannot access `/home/admin/web/domain.com/public_html/.well-known': No such file or directory
Error: Error:  Authorizations for these names not found or expired: domain.com

Re: Let's Encrypt - How to use

Posted: Mon Aug 15, 2016 9:35 pm
by Spheerys
I have another problem than you Gursl

After v-add-letsencrypt-domain USERNAME DOMAIN, nginx could restart.
After a service nginx restart, I had this error :
* Restarting nginx nginx nginx:
[emerg] host not found in "ips:443" of the "listen" directive in /home/me/conf/web/snginx.conf:2
nginx: configuration file /etc/nginx/nginx.conf test failed
And in my /home/me/conf/web/snginx.conf file, I have this :

Code: Select all

server {
    listen      ips:443;
    server_name domain.fr http://www.domain.fr;
    ssl         on;
    ssl_certificate      /home/me/conf/web/ssl.domain.fr.pem;
    ssl_certificate_key  /home/me/conf/web/ssl.domain.fr.key;
    error_log  /var/log/apache2/domains/domain.fr.error.log error;

    location / {
        proxy_pass      https://ips:8443;
        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf|psd|ai|eot|eps|ps|zip|ta$
            root           /home/me/web/domain.fr/public_html;
            access_log     /var/log/apache2/domains/domain.fr.log combined;
            access_log     /var/log/apache2/domains/domain.fr.bytes bytes;
            expires        max;
            try_files      $uri @fallback;
        }
    }

    location /error/ {
        alias   /home/me/web/domain.fr/document_errors/;
    }

    location @fallback {
        proxy_pass      https://ips:8443;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include /home/me/conf/web/snginx.domain.fr.conf*;
}
And indeed, I don't know what is "ips" and where this word comes from....