Let's Encrypt dns-01 already working externally, just need ISPConfig to recognize it.

Discussion in 'Installation/Configuration' started by tester321, Jan 8, 2017.

  1. tester321

    tester321 Member

    Hello, I already have Let's Encrypt cert generation/renewal process working perfectly using dns-01 challenge from a remote central server to the ISPConfig server(s).

    As a final step, I distribute the certs to all remote servers/hosts globally via scp and then reload whichever process needs to recognize the certs.

    Questions:
    1) I simply want to confirm if I can scp the resulting cert files so that ISPConfig will recognize/not overwrite them, and then reload apache?

    2) It appears that the live cert files (for websites) are in (?):
    /var/www/<domain.tld>/ssl/

    3) And, for ISPConfig itself it is in (?):
    /usr/local/ispconfig/interface/ssl/

    4) Can I simply overwrite these files?

    5) What other commands would I need to execute to ensure ISPConfig is properly updated/aware of the new SSL files?

    I have already reviewed various threads here regarding Let's Encrypt but they all seem to be focused on Acme client and generating the certs from within ISPConfig. I do not want to do this as I am already using Dehydrated, formerly called letsencrypt.sh, and custom scripting for hundreds of domains across hundreds of servers in high availability setups.

    Threads I have already reviewed include:
    - https://www.howtoforge.com/communit...encrypt-ssl-certificates-into-ispconfig.71055
    - https://www.howtoforge.com/community/threads/lets-encrypt-2-ispconfig.71348
    - https://www.howtoforge.com/communit...te-for-ispconfig-admin-from-letsencrypt.73097
    - https://www.howtoforge.com/community/threads/ssl-certificates-how-many-under-ispconfig.75062

    Thank you in advance for your feedback.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You can do that and apache will load the certs, but ispconfig will not show them in its interface as they do not exist in the database. So either you add them in the ispconfig database as well for the websites, or you use the remote api from ispconfig to set the ssl certs. That way the certs will get added to the database and on the shell, and you can do that easily from within the script on your SSL cert server.
     
  3. tester321

    tester321 Member

    Hello Till, thank you for the reply and confirmation.

    I will look into the ISPConfig API to see how to do this.

    Thank you
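
Added example, not part of the thread and not ISPConfig code: when cert files are pushed by scp as described in the first post, a check on the receiving server can confirm that the key belongs to the certificate and that the certificate is not about to expire before the live files are replaced and apache is reloaded. The function names, the destination file names passed in, and the 7-day default are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): validate a certificate/key pair copied in
# from the central issuing server before it replaces the live files.
# Function names and the 7-day default are assumptions.

# Succeeds only if the certificate's public key is the one derived from the key file.
cert_matches_key() {
    local cert_pub key_pub
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Succeeds only if the certificate is still valid $2 seconds from now.
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend "$2" >/dev/null 2>&1
}

# install_pair CERT KEY DEST_CERT DEST_KEY [MIN_SECONDS]
# Returns 2 on key mismatch, 3 if expiring too soon, 4 on a copy failure.
install_pair() {
    local cert="$1" key="$2" dest_cert="$3" dest_key="$4" min="${5:-604800}"
    local tmp_cert tmp_key
    cert_matches_key "$cert" "$key" || return 2
    cert_valid_for "$cert" "$min" || return 3
    # mktemp creates files with mode 0600, so the key copy is never world-readable.
    tmp_cert=$(mktemp "${dest_cert}.XXXXXX") || return 4
    tmp_key=$(mktemp "${dest_key}.XXXXXX") || { rm -f "$tmp_cert"; return 4; }
    if cat "$cert" > "$tmp_cert" && cat "$key" > "$tmp_key" && chmod 644 "$tmp_cert"; then
        # A rename within one directory is atomic: apache never reads a half-written file.
        mv -f "$tmp_key" "$dest_key" && mv -f "$tmp_cert" "$dest_cert" && return 0
    fi
    rm -f "$tmp_cert" "$tmp_key"
    return 4
}

# Usage on the receiving server (paths are placeholders):
#   install_pair /tmp/incoming/site.crt /tmp/incoming/site.key \
#       "<ssl dir>/<cert file>" "<ssl dir>/<key file>" && <reload apache>
```

Running `apachectl configtest` between a successful `install_pair` and the reload catches a vhost that no longer parses before it takes the running server down.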
     
