I select to use letsencrypt ssl's for domains but the ISP don't add anything into nginx configuration for virtual host... How to use it? Maybe I need to install letsencrypt on system ? But why no one write do do it in manuals? Also I have only cert.key and cert_bundle.crt - how to use it in ISPConfig from Web Panel? Or I only must to rewrite nginx configs from terminal?
You may want to read and follow this guide: https://www.howtoforge.com/communit...l-port-8080-with-lets-encrypt-free-ssl.75554/
No, thanks! You do it by hands vs bash - but if ISPConfig have integrations with letsencrypt in web panel - I want to know how it works from box at all!
ispconfig support let's encrypt but it's not install by default on less you have used one off the latest perfect server tutorial its very simpel to install you dont mention wich OS you use So i give you this link to a perfect server tutorial that use nginx the info you need are in section 8.4 https://www.howtoforge.com/tutorial/perfect-server-ubuntu-with-nginx-and-ispconfig-3/2/ the setup from ahrasis propose are to secure your controlpanel postfix . etc etc with a lets encrypt certificat and is highly recommanded for your own security
As I can see no one can explain how Lets Encrypt certs can be generated automaticaly from web panel...
There is not much to explain. If let's encrypt is installed, and the Perfect Server quides include instructions for installing it, there is a tick box for Let's Encrypt SSL in the Website tab. The website certificate is generated automatically and it is refreshed automatically before expiration. What the instructions and scripts made by Ahrasis do, is to copy the new or renewed Let's Encrypt certificate to the other services that use the certificate. If you do not use these, then you need to copy or link the certificates manually after each renewal, or install separate certificates you get from somewhere else for those services.
But as you can see on screen - ssl configuration from letsencrypt wasn't add into nginx config automaticaly. Also I didn't see error from web. Maybe Letsencrypt certs generation is test feature?
i suggest you read this https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/ and off course check that lets encrypt are install on your server wich you seem insecure off from the start (locate letsencrypt) because right now out off the box whe dont cant help much you havent given any info about OS version and Ispconfig version wich would help because not all OS and Ispconfig version are alike also it would be helpfull to know wich tutorial you have used to install ispconfig with
You have to check whether you have installed certbot / let's encrypt properly, otherwise, it won't work. That is only the first step. The second step is that you have to create the domain dns zone. Without it, most of the time, let's encrypt also won't work. My guess is that you are missing this second step. If both are already right / done, then check let's encrpyt logs for a clue. Basically I did mention some parts of this in my guide (though it is for ISPConfig panel), only if you did properly read.
