How to use letscencrypt for domains in ISPConfig Panel ? How to user bundle crt for domains nginx?

Discussion in 'General' started by dengolius, Feb 17, 2018.

  1. dengolius

    dengolius New Member

    I select to use letsencrypt ssl's for domains but the ISP don't add anything into nginx configuration for virtual host...
    1. How to use it?
    2. Maybe I need to install letsencrypt on system ? But why no one write do do it in manuals?
    Also I have only cert.key and cert_bundle.crt - how to use it in ISPConfig from Web Panel? Or I only must to rewrite nginx configs from terminal?

    [​IMG]

    [​IMG]
     
  2. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

  3. dengolius

    dengolius New Member

  4. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Ok. I hope you find a better way.
     
  5. Farsus

    Farsus Member

    ispconfig support let's encrypt but it's not install by default
    on less you have used one off the latest perfect server tutorial
    its very simpel to install
    you dont mention wich OS you use
    So i give you this link to a perfect server tutorial that use nginx the info you need are in section 8.4
    https://www.howtoforge.com/tutorial/perfect-server-ubuntu-with-nginx-and-ispconfig-3/2/

    the setup from ahrasis propose are to secure your controlpanel postfix . etc etc
    with a lets encrypt certificat and is highly recommanded for your own security
     
    ahrasis likes this.
  6. dengolius

    dengolius New Member

    As I can see no one can explain how Lets Encrypt certs can be generated automaticaly from web panel... :(
     
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    There is not much to explain. If let's encrypt is installed, and the Perfect Server quides include instructions for installing it, there is a tick box for Let's Encrypt SSL in the Website tab. The website certificate is generated automatically and it is refreshed automatically before expiration.
    What the instructions and scripts made by Ahrasis do, is to copy the new or renewed Let's Encrypt certificate to the other services that use the certificate. If you do not use these, then you need to copy or link the certificates manually after each renewal, or install separate certificates you get from somewhere else for those services.
     
  8. dengolius

    dengolius New Member

    But as you can see on screen - ssl configuration from letsencrypt wasn't add into nginx config automaticaly. Also I didn't see error from web. Maybe Letsencrypt certs generation is test feature?
     
  9. Farsus

    Farsus Member

    i suggest you read this
    https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/
    and off course check that lets encrypt are install on your server wich you seem insecure off from the start
    (locate letsencrypt)

    because right now out off the box whe dont cant help much
    you havent given any info about OS version and Ispconfig version
    wich would help because not all OS and Ispconfig version are alike
    also it would be helpfull to know wich tutorial you have used to install ispconfig with
     
    ahrasis likes this.
  10. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    You have to check whether you have installed certbot / let's encrypt properly, otherwise, it won't work. That is only the first step.

    The second step is that you have to create the domain dns zone. Without it, most of the time, let's encrypt also won't work. My guess is that you are missing this second step.

    If both are already right / done, then check let's encrpyt logs for a clue. Basically I did mention some parts of this in my guide (though it is for ISPConfig panel), only if you did properly read.
     

Share This Page