Page 5 of 5

Re: Let's Encrypt for VestaCP System (8083) and exim4

Posted: Sun Jul 15, 2018 6:31 am
by youradds
kandalf wrote:
Sat Jul 14, 2018 7:29 pm
How can we certificate multiple domains. Imagine that you have domain1.com and domain2.com and want to use on mail configurations:
mail.domain1.com
mail.domain2.com

There is any way to create a certificate that works for all domains?
Not as far as I'm aware. You would need to really setup the SSL cert on your main domain, and then get everyone to just use that (i.e mail.servername.com)

Re: Let's Encrypt for VestaCP System (8083) and exim4

Posted: Wed Aug 15, 2018 3:09 pm
by BartMan__X
Congratz, you can register on the board and copy&paste your 3 line shell "solution" without any comment in two posts (here and viewtopic.php?p=56134#p56134). But can you answer me also a question? What will happen after 90days? If not, I will tell you: VestaCP backend will be outdated because you have to restart vesta service after changing/renewing the ssl cert.

So maybe next time: Read the thread where you are posting such a bullshit and try to understand, why it can maybe not work. Thanks.

I LOLed so hard .....

Re: Let's Encrypt for VestaCP System (8083) and exim4

Posted: Sun Oct 28, 2018 11:44 am
by MAN5
ScIT wrote:
Sun Apr 29, 2018 5:24 am
MAN5 wrote:
Sat Mar 17, 2018 5:37 am
youradds wrote:
Fri Mar 16, 2018 2:30 pm
This also does the exim4 certificates, so you can correctly connect securely to imap/pop3/smtp :)
Thats we set 0644 - executable permissions for root. Those certs are will be executable by exim as default.
What do you do, if the let's encrypt cert will be regenerated (normaly after 2 months)? As far as I know, you have to restart the service(s) for providing the new cert, otherwise it will be outdated/invalid. That was also a point, to do this script, because it was the only way for now to restart affected services (in my envroiment vsftpd, vesta and exim4).
Hi sorry. I missed this post OR i overlooked ontime. I feel your point is true as need to restart the VESTA/EXIM/FTP etc.,
But, what is the current 'v-update-letsencrypt-ssl' ?
I think, the restarting of the available mandatory services are could be done with the above script as default. This will keep the script as professional. (Myself im using my server hostname, VestaCP, Exim & Vsftp all using same SSL).

Or may send a Service-Restart reminder to the root email (If the root domain SSL has updated via the above script)

Re: Let's Encrypt for VestaCP System (8083) and exim4

Posted: Fri Dec 14, 2018 6:39 pm
by openVZvsKVM
ScIT wrote:
Wed Nov 09, 2016 10:06 am
VestaCP has now a integrated way to solve the request: viewtopic.php?f=10&t=17353

Hi @ all

For our internal VestaCP Systems I've written a short script to use the Let's Encrypt SSL Certificates for VestaCP (8083) and exim4.

First of all:
- Create your domain in WEB (for example server.domain.tld)
- Add a Let's Encrypt Certificate with v-add-letsencrypt-domain user domain
- Create and modify the script you will find here: https://git.scit.ch/rs/VestaCP-SystemSSL

Tested on Ubuntu 14.04 and Debian 8.

Please let me know if it also works for you, if you have any problems post it here or use the "Issue"-Function from our GitLab Server.

Why you should use this way instead of "create only symlinks of the cert files": viewtopic.php?p=56451#p56428
Thank You Sooo Much!!! it is very helpful for me and i have solved my mail server issues....
Extra Thank for this script https://git.scit.ch/rs/VestaCP-SystemSSL

Re: Let's Encrypt for VestaCP System (8083) and exim4

Posted: Thu Dec 27, 2018 2:36 am
by cottager
kandalf wrote:
Sat Jul 14, 2018 7:29 pm
How can we certificate multiple domains. Imagine that you have domain1.com and domain2.com and want to use on mail configurations:
mail.domain1.com
mail.domain2.com

There is any way to create a certificate that works for all domains?
I see no reason why you can't put aliases in your web domain for the mail servers you want to be in that certificate. Just add them in the aliases.