Add/setup Let’s Encrypt to ISPConfig 3.1.2

Discussion in 'ISPConfig 3 Priority Support' started by JohnnyBeGood, Feb 10, 2017.

  1. JohnnyBeGood

    JohnnyBeGood Member HowtoForge Supporter

    Hello,

    I have Ubuntu 14.04.5 LTS with ISPConfig 3.1.2 (Apache) that I have setup long time ago using one the perfect setup tutorials here. I was able to setup Namecheap Comodo SSL for one the websites. Now I would like setup free Let’s Encrypt.
    I can see "Let's Encrypt SSL:" option under Web Domain but when I enable it and click save it does not stay checked. I've searched here but could not find similar posts where someone is trying to do a "add on" on top of old setup. I don't want do mess up my working setup and I was hoping someone can help me with what should I do next?
     
  2. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

  3. JohnnyBeGood

    JohnnyBeGood Member HowtoForge Supporter

    Thanks for the reply!
    I can install it by running apt-get -y install letsencrypt and restarting apache?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    You can install it with apt, the package name may differ depending on the Linux distribution, you can e.g. search for it with "apt-cache search letsencrypt" or "apt-cache search certbot", certbot as well as letsencrypt are both fine, no need to restart apache.
     
  5. JohnnyBeGood

    JohnnyBeGood Member HowtoForge Supporter

    Perfect! I will do that and post back with the results.
     
  6. JohnnyBeGood

    JohnnyBeGood Member HowtoForge Supporter

  7. till

    till Super Moderator Staff Member ISPConfig Developer

    You can use this steps:

    wget https://dl.eff.org/certbot-auto
    chmod a+x certbot-auto
    ./certbot-auto

    do not select any domains, just select c to cancel. Selecting a domain will exclude them from ssl in ispconfig, that's why it is important to not select a domain and not use the apache option.
     
  8. JohnnyBeGood

    JohnnyBeGood Member HowtoForge Supporter

    Thank you so much till!
    I'm so glad I asked because I would easly selected domain that I wanted certificate for but selecting "c" finished the setup and when I enabled it on the domain I got 90 days working certificate!
    Few more questions:
    1. After 90 days is up I'm assuming cron job in ISPconfig will auto-renew the certificate?
    2. Do I need to do anything else, add new DNS record on Godaddy or that's it?
    3. How can I use Let's Encrypt for ISPconfig? hostname.myserver.com?
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    1) Yes
    2) No
    3) There are several threads about that, basically, you can create a website for the hostname in ispconfig and let LE create a cert for it and then exchange the ssl certs from ispconfig with an symlinks to the LE cert.
     
  10. JohnnyBeGood

    JohnnyBeGood Member HowtoForge Supporter

    Sounds good. I will search for those threads.
     

Share This Page