Dear all, I need some sort of information to clean up my point of view at certificates (with ISPConfig) under Linux. Lets say, we have got the Linux, Apache2, PHP, ISPConfig installed and working. My questions: - when I issue certificates for the website under ISPConfig (Site->Wesite->SSL), the certs appear inside the tree of the website, here: /var/www/clients/client1/web6/ssl/domain.name-le.crt and /var/www/clients/client1/web6/ssl/domain.name-le.key Reffering from Apache2 vhost ...sites-enabled/100-domain.name.vhost- when I issue certificates manualy via letscrypt, the certs appear in /etc/letsencrypt/live - when I issue certs for ISPConfig interface, the certs appear in /usr/local/ispconfig/interface/ssl (but, just links to letscrypt certificates in /etc/letsencrypt/live/domain.name Is THAT recommended convention? I prefer to manage certificates manually, so the .vhost should point to LIVE certs in letscrypt /etc/letsencrypt/live/domain.name? Thanks eM
When using ISPConfig, don't use certbot manually. Let ISPConfig create and manage the certs, otherwise you will end up with a broken config. You shouldn't edit the vhost files manually either, as those changes will be overwritten when you change something through the UI.
Nope. Working is subjective. The right one is you need to follow PST or use the latest official installer guide. This, and this, you should not never do, when using ISPConfig. As said by @Th0m, always create LE certs for the ISPConfig panel during its installation / update, and using its interface, for any other website domain(s).
