Securing ISPConfig 3 Control Panel (Port 8080) With Let's Encrypt Free SSL

Discussion in 'Tips/Tricks/Mods' started by ahrasis, Feb 14, 2017.

  1. Nexus Fred

    Nexus Fred New Member HowtoForge Supporter


    First, I'm a total newbie using unix :)

    I have installed ISPConfig using the "The Perfect Server - Ubuntu 18.04 (Bionic Beaver) with Apache, PHP, MySQL, PureFTPD, BIND, Postfix, Dovecot and ISPConfig 3.1" tutorial.

    ISPConfig has been secured by a self-signed SSL created during the install.

    Now I'm trying to follow this tutorial to install a Let's Encrypt Certificate but I'm blocked at the "[Checking LE SSL For ISPConfig 3.1 Control Panel]" step.

    In the directory "etc/letsencrypt/live" I do have a directory with my localhost name but ISPConfig still using the self-signed SSL Certificate ?

    Any ideas or tips to help a newbie to solve this ? ;)

    Best Regards
  2. Neptun

    Neptun Member

    If you follow the guide step by step it definitely works without any issue with the from you mentioned setup guide (if there happened no mistake).

    Start once again at point one here and double check everything

    And important, take care about your real folder structure, it is not only copy paste

    What do you mean with you are blocked?
    Last edited: Apr 29, 2020
  3. ahrasis

    ahrasis Well-Known Member

    @Nexus Fred, the above is part of the tutorial. Nothing said to check the folder you mentioned, unless you mean you are using LE4ISPC script which automatically checks that folder, and that is different from the tutorial.

    Actually LE4ISPC is quite outdated since there are a lot more codes that have been added while I contributed to ISPConfig for the same purpose.
  4. Tuumke

    Tuumke Active Member

    Shouldnt you update LE4ISPC then? :p i used it the other day, seems to work fine for me?
  5. Nexus Fred

    Nexus Fred New Member HowtoForge Supporter

    thanks all for your help.

    I just did again the tutorial and everything worked fine :), I have no idea of what I did wrong last time.
  6. ahrasis

    ahrasis Well-Known Member

    Good to hear that.

    Yes, but I am too lazy... :p

    True it should also still work for most people except those who are using certbot-auto instead of just certbot.
    Last edited: May 4, 2020
  7. Nexus Fred

    Nexus Fred New Member HowtoForge Supporter

    I was a little quick when I said "everything worked fine" :rolleyes:
    The ISPConfig on port 8080 dashboard on my subdomain is secure with an Lets Encrypt SSL certificate but the subdomain on the regular port 80 is not.
    If I try to regenerate a certificate on the Site Panel it's not working!?
    I have done something wrong, but what?
    Best Regards
  8. till

    till Super Moderator Staff Member ISPConfig Developer

  9. ahrasis

    ahrasis Well-Known Member

    Server subdomain should also work fine with the same LE SSL on other than port 8080, like port 443 (but not port 80 ofcourse) and that all depend on how you set the vhost(s).
  10. Nexus Fred

    Nexus Fred New Member HowtoForge Supporter

    Thanks @till & @ahrasis.
    So that a normal outcome.
    Do I need to keep the "ISPConfig Server Hostname FQDN" in the Website List or I can remove it or disabled it ?
  11. ahrasis

    ahrasis Well-Known Member

    I would advise maintaining the website if you already have one for it, as the current LE4ISPC script use the standalone approach which is more suitable for non-webserver.

    The reason is obvious, you don't want your webserver to be down during the creation / update of the LE SSL for that server.

    Until I fully update LE4ISPC to use webroot approach for a webserver, which I do not know when, it is best to follow the tutorial if you ISPConfig server is also a webserver.

    If your ISPConfig server is a non-webserver, then the use of standalone approach as in the current LE4ISPC is advisable.
  12. Nexus Fred

    Nexus Fred New Member HowtoForge Supporter

Share This Page