Let's Encrypt for VestaCP System (8083) and exim4 Topic is solved

Section with additional software for Vesta
ScIT
Posts: 252
Joined: Mon Feb 23, 2015 4:13 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby ScIT » Wed Feb 01, 2017 7:21 am

billmedina wrote:ln - s /etc/letsencrypt/live/[mydomain.com]/cert.pem /usr/local/vesta/ssl/certificate.crt
ln -s /etc/letsencrypt/live/[mydomain.com]/privkey.pem /usr/local/vesta/ssl/certificate.key
service vesta restart


Congratz, you can register on the board and copy&paste your 3 line shell "solution" without any comment in two posts (here and viewtopic.php?p=56134#p56134). But can you answer me also a question? What will happen after 90days? If not, I will tell you: VestaCP backend will be outdated because you have to restart vesta service after changing/renewing the ssl cert.

So maybe next time: Read the thread where you are posting such a bullshit and try to understand, why it can maybe not work. Thanks.

billmedina
Posts: 5
Joined: Tue Jan 31, 2017 10:29 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby billmedina » Tue Feb 07, 2017 3:45 am

ScIT wrote:
billmedina wrote:ln - s /etc/letsencrypt/live/[mydomain.com]/cert.pem /usr/local/vesta/ssl/certificate.crt
ln -s /etc/letsencrypt/live/[mydomain.com]/privkey.pem /usr/local/vesta/ssl/certificate.key
service vesta restart


Congratz, you can register on the board and copy&paste your 3 line shell "solution" without any comment in two posts (here and viewtopic.php?p=56134#p56134). But can you answer me also a question? What will happen after 90days? If not, I will tell you: VestaCP backend will be outdated because you have to restart vesta service after changing/renewing the ssl cert.

So maybe next time: Read the thread where you are posting such a bullshit and try to understand, why it can maybe not work. Thanks.


Sorry that I stepped on the toes of your inefficient solution. Why should there be 2 copies of the file. DRY. symlink the files and if needed cron job panel restart. Sorry for your anger.

ScIT
Posts: 252
Joined: Mon Feb 23, 2015 4:13 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby ScIT » Tue Feb 07, 2017 6:12 am

billmedina wrote:Sorry that I stepped on the toes of your inefficient solution. Why should there be 2 copies of the file. DRY. symlink the files and if needed cron job panel restart. Sorry for your anger.

Ok, maybe I was to direct. But let us start again: The script isnt inefficient, i had problems on my systems if I've done only a symlink. Because the default certs have to run under root:mail, so that exim4 can access them properly. Otherwise I've got an error of missing permission to open the files (unable to open private key file for reading: /usr/local/vesta/...).

This was written on top on my "HowTo", and that's why I write you: "Please read before you post". Also, if you will be longer than 4 posts in this board, you will understand why you can't just post 4 lines without any comment, what is by the way not really friendly if you do this inside of two different posts.

About the restart: When would you do this? Every night after the v-update-letsencrypt-ssl system cronjob? How do you detect if the cert was updated?

Let us discuss here, not in two posts.

cmslauncher
Posts: 3
Joined: Mon Feb 13, 2017 6:35 am

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby cmslauncher » Mon Feb 13, 2017 6:45 am

This a great script ScIT. Thank you!

youradds
Posts: 68
Joined: Tue Sep 01, 2015 10:16 am

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby youradds » Mon Apr 10, 2017 3:35 pm

Thanks for sharing! This works a charm for me :)

lexa500
Posts: 12
Joined: Thu Jul 07, 2016 10:35 am

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby lexa500 » Wed May 24, 2017 11:24 am

I`ve added also

Code: Select all

service dovecot restart &> /dev/null

because you afaik you will need to restart dovecot also.

zeknoss
Posts: 1
Joined: Tue Jun 13, 2017 1:21 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby zeknoss » Tue Jun 13, 2017 1:23 pm

Hello everyone,
I tried this script and it worked, however now vesta service does not start and give this error:

Starting vesta-nginx: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/usr/local/vesta/ssl/certificate.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

Why is this happening?


Return to “3rd Party Software”



Who is online

Users browsing this forum: No registered users and 2 guests