Hello, I have Ubuntu 14.04.5 LTS with ISPConfig 3.1.2 (Apache) that I have setup long time ago using one the perfect setup tutorials here. I was able to setup Namecheap Comodo SSL for one the websites. Now I would like setup free Let’s Encrypt. I can see "Let's Encrypt SSL:" option under Web Domain but when I enable it and click save it does not stay checked. I've searched here but could not find similar posts where someone is trying to do a "add on" on top of old setup. I don't want do mess up my working setup and I was hoping someone can help me with what should I do next?
Hello, you have to install the certbot (letsencrypt) either through system packages or manually https://certbot.eff.org/#pip-other
Thanks for the reply! I can install it by running apt-get -y install letsencrypt and restarting apache?
You can install it with apt, the package name may differ depending on the Linux distribution, you can e.g. search for it with "apt-cache search letsencrypt" or "apt-cache search certbot", certbot as well as letsencrypt are both fine, no need to restart apache.
It does not look like my system packaged version: Code: root@linux:~# apt-cache search letsencrypt root@linux:~# apt-cache search certbot root@linux:~# apt-get -y install letsencrypt Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package letsencrypt root@linux:~# Should I follow their guide for my Ubuntu version and apache? https://certbot.eff.org/#ubuntutrusty-apache
You can use this steps: wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto ./certbot-auto do not select any domains, just select c to cancel. Selecting a domain will exclude them from ssl in ispconfig, that's why it is important to not select a domain and not use the apache option.
Thank you so much till! I'm so glad I asked because I would easly selected domain that I wanted certificate for but selecting "c" finished the setup and when I enabled it on the domain I got 90 days working certificate! Few more questions: 1. After 90 days is up I'm assuming cron job in ISPconfig will auto-renew the certificate? 2. Do I need to do anything else, add new DNS record on Godaddy or that's it? 3. How can I use Let's Encrypt for ISPconfig? hostname.myserver.com?
1) Yes 2) No 3) There are several threads about that, basically, you can create a website for the hostname in ispconfig and let LE create a cert for it and then exchange the ssl certs from ispconfig with an symlinks to the LE cert.