SSL for ISPconfig

Discussion in 'Installation/Configuration' started by, Oct 11, 2017.

  1. Member


    I have a domain, I have enabled letsencrpyt ssl and it's working fine.

    When I try to access ispconfig on this domain it gives ssl error.

    how do I enable ssl for ispconfig using such domains?
  2. ISPConfig Developer ISPConfig Developer

    go to /usr/local/ispconfig/interface/ssl folder
    rm ispserver.bundle
    rm ispserver.crt
    rm ispserver.key
    ln -s /etc/letsencrypt/live/ ispserver.bundle
    ln -s /etc/letsencrypt/live/ ispserver.crt
    ln -s /etc/letsencrypt/live/ ispserver.key
    reload webserver and don't create new ssl cert when asked during update process
  3. Member

    Thank you for your quick response.

    i have following files


    [[email protected] ssl]# ls -l /etc/letsencrypt/live/

    lrwxrwxrwx 1 root root 39 Oct 2 11:40 cert.pem -> ../../archive/
    lrwxrwxrwx 1 root root 40 Oct 2 11:40 chain.pem -> ../../archive/
    lrwxrwxrwx 1 root root 44 Oct 2 11:40 fullchain.pem -> ../../archive/
    lrwxrwxrwx 1 root root 42 Oct 2 11:40 privkey.pem -> ../../archive/
  4. ISPConfig Developer ISPConfig Developer

    in my above instructions just replace the domain part with where you want to access ISPConfig.
    If you don't have that LE certificate for that yet, you'd need to setup a website with LE first in order to link to them.
  5. Member

    I have already added LE certificate and its working fine for that domain.
    when i access ispconfig on that domain, we get unauthorised ssl error.

    Files in my LE folder
    [[email protected] ssl]# ls -l /etc/letsencrypt/live/

    What I am trying to show is different names of files in my LE than you suggested
  6. ISPConfig Developer ISPConfig Developer

    you have the files I suggested right there ( chain.pem, cert.pem, privkey.pem ) my startingpoint was
    cd /usr/local/ispconfig/interface/ssl 
    and remove the ispserver.* files and replace them with symlinks to the files in your letsencrypt folder - the 2nd param of the ln -s is the target filename.

    If you link ssl certs for / and use to login there will be a SSL error except you have some kind of beta-test for wildcard/multi-domain ssl certs

Share This Page