Re: Feature Request: Support Let's Encrypt

Posted: Sun Nov 22, 2015 10:38 pm
by TheRealRichii
skurudo wrote:
molen wrote: The Let's Encrypt program needs to read the conf file or VHost settings to know which site you need certificates for.
But the way Vesta is set up doesn't let the Let's Encrypt program find the site, especially when the site's DNS records are not in the Vesta system.
Why? Let's Encrypt can't read the path, or you can't choose where the config files are?
molen wrote: So I think Vesta needs to adjust some settings to support Let's Encrypt.
I am a Let's Encrypt tester but can't get a certificate with its program. So sad. :(
When this software is in production, not in limited beta, then some tests will make sense... now it's just for fun only.
It's a manual process at the moment, but totally doable. I've got a couple of sites up that are managed via Vesta, and now using certificates from the Let's Encrypt production CA. No, the "automatically detect my server and install the certificates" thing doesn't work with Vesta, but a few minutes on the command line sorts it all out.

There are actually a couple of ways forward:

1. The ACME client is based on plugins (Apache is the default, nginx is under development), so they could be forked to support the Vesta configuration.

2. The client could be integrated directly into Vesta (which would be awesome!).

Let me know if you'd like my quick and dirty notes I took while setting up my initial tests.

Re: Feature Request: Support Let's Encrypt

Posted: Mon Nov 23, 2015 2:50 am
by danimalweb
Can you share how you installed the certificates? -- "few minutes on the command line"

I've just got my invite for the beta.

Thanks.

Re: Feature Request: Support Let's Encrypt

Posted: Mon Nov 23, 2015 5:55 am
by TheRealRichii
danimalweb wrote:Can you share how you installed the certificates? -- "few minutes on the command line"

I've just got my invite for the beta.

Thanks.
No problem, I'll clean up my notes and post them.

Re: Feature Request: Support Let's Encrypt

Posted: Mon Nov 23, 2015 7:36 am
by TheRealRichii
For anyone interested, I've put some (very!) quick docs here: https://docs.google.com/document/d/1y5t ... sp=sharing.

Re: Feature Request: Support Let's Encrypt

Posted: Mon Nov 23, 2015 2:42 pm
by skurudo
TheRealRichii wrote:For anyone interested, I've put some (very!) quick docs here: https://docs.google.com/document/d/1y5t ... sp=sharing.
Nice docs! Thanks a lot.

Re: Feature Request: Support Let's Encrypt

Posted: Wed Dec 16, 2015 11:38 am
by Jonas
Anybody else got problems with exim after changing the main Vesta SSL?

Code:

2015-12-16 12:17:37 TLS error on connection from *** [***] (SSL_CTX_use_certificate_chain_file file=/usr/local/vesta/ssl/certificate.crt): error:0200100D:system library:fopen:Permission denied
I tried to

Code:

chown -h root:mail /usr/local/vesta/ssl/certificate.crt
&& set chmod to 644 but still the same error message! Any ideas?

Edit:

Code:

[root@admin exim]# ls -la /usr/local/vesta/ssl/certificate.crt
lrwxrwxrwx 1 root mail 40 Dec 16 09:03 /usr/local/vesta/ssl/certificate.crt -> /etc/letsencrypt/live/***.com/cert.pem
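
Added example (not part of the post above, nor Vesta or exim code): `chown -h` changes only the symlink's own ownership, while the failing fopen follows the link, so what matters is search permission on every directory of the resolved path plus read permission on the target file. The Python below lists the path components that deny a given uid and set of group ids, judged from mode bits only; the sample tree, `example.test` and the function names are constructed for illustration.

```python
import os
import stat
import tempfile


def blockers(path, uid, gids):
    """List resolved-path components whose mode bits deny uid/gids (no ACLs)."""
    if uid == 0:
        return []                      # root bypasses these mode-bit checks
    cur = os.path.realpath(path)       # follow every symlink, like fopen() does
    parts = [cur]
    while os.path.dirname(cur) != cur:
        cur = os.path.dirname(cur)
        parts.append(cur)
    denied = []
    for p in reversed(parts):          # "/" first, the file itself last
        st = os.stat(p)
        is_dir = stat.S_ISDIR(st.st_mode)
        # Directories need search (x); the final file needs read (r).
        if st.st_uid == uid:
            need = stat.S_IXUSR if is_dir else stat.S_IRUSR
        elif st.st_gid in gids:
            need = stat.S_IXGRP if is_dir else stat.S_IRGRP
        else:
            need = stat.S_IXOTH if is_dir else stat.S_IROTH
        if not st.st_mode & need:
            denied.append((p, stat.filemode(st.st_mode), st.st_uid, st.st_gid))
    return denied


def build_sample_tree(base):
    """Constructed layout: certificate.crt -> live/example.test/cert.pem."""
    live = os.path.join(base, "live")
    site = os.path.join(live, "example.test")
    os.makedirs(site)
    cert = os.path.join(site, "cert.pem")
    with open(cert, "w") as fh:
        fh.write("constructed placeholder, not a real certificate\n")
    link = os.path.join(base, "certificate.crt")
    os.symlink(cert, link)
    for p, mode in ((cert, 0o644), (site, 0o755), (base, 0o755), (live, 0o700)):
        os.chmod(p, mode)
    return link, live


if __name__ == "__main__":
    link, _ = build_sample_tree(tempfile.mkdtemp())
    for row in blockers(link, os.getuid() + 1, set()):  # a uid that owns nothing here
        print(*row)
```

On a real host, call `blockers()` with the link path and the uid and group ids of the account exim runs as; that account's name differs between distributions.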

Re: Feature Request: Support Let's Encrypt

Posted: Thu Dec 31, 2015 2:05 am
by kodiak
I've written a script that integrates the Let's Encrypt client with Vesta's command line tools to automate the request process for Vesta. You can clone it from GitHub at https://github.com/interbrite/letsencrypt-vesta. See the README file for installation instructions.

Once you've installed it, all you need to do is run

Code:

letsencrypt-vesta USER DOMAIN
, where USER is a Vesta user account and DOMAIN is a domain hosted under that account. The script will look up the aliases associated with the domain and request a certificate for all of them, use webroot authentication to validate the domains, and then properly install the cert using the Vesta command line tools. The same command is used for new requests and renewals and it will work on any domain, whether or not SSL support has already been enabled on it.

Re: Feature Request: Support Let's Encrypt

Posted: Sat Jan 02, 2016 11:47 pm
by Neso
kodiak wrote: I've written a script that integrates the Let's Encrypt client with Vesta's command line tools to automate the request process for Vesta. You can clone it from GitHub at https://github.com/interbrite/letsencrypt-vesta. See the README file for installation instructions.

Once you've installed it, all you need to do is run

Code:

letsencrypt-vesta USER DOMAIN
, where USER is a Vesta user account and DOMAIN is a domain hosted under that account. The script will look up the aliases associated with the domain and request a certificate for all of them, use webroot authentication to validate the domains, and then properly install the cert using the Vesta command line tools. The same command is used for new requests and renewals and it will work on any domain, whether or not SSL support has already been enabled on it.
Very cool!
Does it also work with Apache+Nginx setup? Or Nginx+PHP-FPM?
Cheers!

Re: Feature Request: Support Let's Encrypt

Posted: Sun Jan 03, 2016 3:11 am
by kodiak
Neso wrote: Very cool!
Does it also work with Apache+Nginx setup? Or Nginx+PHP-FPM?
Cheers!
It should work with anything that Vesta supports. It uses Vesta's command line tools to do the cert installs, so as long as the Vesta tools stay in line with how you can configure things in the web panel, the script should always work. Provided you're using both servers, Vesta installs the cert in both Apache and Nginx.

Re: Feature Request: Support Let's Encrypt

Posted: Thu Jan 07, 2016 9:11 am
by LouisUK
TheRealRichii wrote:For anyone interested, I've put some (very!) quick docs here: https://docs.google.com/document/d/1y5t ... sp=sharing.
Thank you! Good guide - just to add you will need to swap out admin for any web accounts you made under a different user.