Let's Encrypt for VestaCP System (8083) and exim4

[ScIT]

VestaCP has now a integrated way to solve the request: viewtopic.php?f=10&t=17353

Hi @ all

For our internal VestaCP Systems I've written a short script to use the Let's Encrypt SSL Certificates for VestaCP (8083) and exim4.

First of all:
- Create your domain in WEB (for example server.domain.tld)
- Add a Let's Encrypt Certificate with v-add-letsencrypt-domain user domain
- Create and modify the script you will find here: https://git.scit.ch/rs/VestaCP-SystemSSL

Tested on Ubuntu 14.04 and Debian 8.

Please let me know if it also works for you, if you have any problems post it here or use the "Issue"-Function from our GitLab Server.

Why you should use this way instead of "create only symlinks of the cert files": viewtopic.php?p=56451#p56428

[core01]

Is this script actual?

Can i use LE cert for sending mail ?

[ScIT]

Is this script actual?

Can i use LE cert for sending mail ?

yes script is actual, don't know what you exactly mean with "sending email". But but it will also work for exim4 service, so you will have a trusted cert.

script is working on 4 productive web, and 4 "dns-only" servers.

[core01]

Is this script actual?

Can i use LE cert for sending mail ?

yes script is actual, don't know what you exactly mean with "sending email". But but it will also work for exim4 service, so you will have a trusted cert.

script is working on 4 productive web, and 4 "dns-only" servers.

I mean Can i use SSL Certificates with Exim http://www.exim.org/exim-html-current/d ... lsssl.html

[ScIT]

I mean Can i use SSL Certificates with Exim http://www.exim.org/exim-html-current/d ... lsssl.html

Yes, if your exim is pointed to the vestacp ssl certs (as far as i know this should be by default), it will work and also restart exim4 automatically.

[core01]

Hmm, i tried certificates and phpmailer can't send email on php > 5.6
https://github.com/PHPMailer/PHPMailer/ ... nistic-tls
I can't

Code: Select all

$mail->SMTPAutoTLS = false;

in my web application because modifying core classes of CMS is bad.

[ScIT]

Hmm, i tried certificates and phpmailer can't send email on php > 5.6
https://github.com/PHPMailer/PHPMailer/ ... nistic-tls
I can't

Code: Select all

$mail->SMTPAutoTLS = false;

in my web application because modifying core classes of CMS is bad.

Please open a new thread for your problem. This is not related to my script, my script only checks if the vesta cp ssl cert is older than existing one, replace it and restart the services.

[SS88]

Can i use LE cert for sending mail ?

You need a full CA for exim - one certificate from LE will not work.

[xjlin0]

Just want to share, I used ScIT's script to copy my Let's encrypt cert/key and it works, I can still sending/receiving ordinary email within Roundcube at https://my.site/webmail/ No TLS errors while enjoy VestaCP panel under https.

My system is Debian 8.6 Jessie, with PHP 5.6.29 and Vesta CP 0.9.8.17, with exim+dovecot+spamassassin+clamav

[billmedina]

ln - s /etc/letsencrypt/live/[mydomain.com]/cert.pem /usr/local/vesta/ssl/certificate.crt
ln -s /etc/letsencrypt/live/[mydomain.com]/privkey.pem /usr/local/vesta/ssl/certificate.key
service vesta restart