Can someone explain how the integrated Lets Encrypt function works? I have a multiserver setup with 1 public ip and require to: a. Create an SSL cert for all services (ISPConfig Panel, web server, mail server etc) b. Create an SSL for each websites I have. c. Automatically update renewals to all necessary servers (e.g mail server) From what I have read, to create an SSL for a website, besides all DNS records being correct, the procedure states that I use the IP address of the web server instead of *, and tick SSL and Let's Encrypt SSL. Then go to the SSL tab fill in the details, choose www.domain.com as domain and in the Actions Create certificate and click Save. I ve been trying this for days now, but the results are strange. I get an SSH Key, SSH Request and SSH Certificate entered in ISPCOnfig automatically but no the SSL bundle, and the ticks on SSL and Let's encrypt SSL are unticked by ISPconfig. What is the mistake here?
a) https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ b) Enable Let's encrypt and SSL checkbox in the website settings to enable Let's encrypt for a website. c) LE certs are renewed automatically.
Ok I managed to create most of the required ssl automatically with ispconfig panel. Please correct if I am wrong. If SSL and Letsencrypt is ticked on the website settings then the SSL cert is created and handled automatically by letsencrypt/ispconfig and is placed as symlink in /var/www/website/ssl folder and nothing should be copied in the SSL Section Tab of the website (ssl request, ssl key, ssl cert and ssl bundle)? The SSL Section Tab is to manually enter any certificate created with other providers right? There is no need for me to copy all letsencrypt created certs in this section manually right? Also the updating is beeing done internally automatically in version 3.1.13, I shouldn't create an incron script as suggested on the tutorial right?
Yes. Yes. Yes. The incron script is useful if you want to use the same LE certificate for other services, like e-mail server etc.. The incron copies the renewed certificate for use by those other services and restarts them, so they start using the new certificate.
That's great. For multiserver setup there is a line in the https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ tutorial to refer to post #203 without any link. Is there anything written somewhere? For multi-server setup, do refer to post #203 and add the given scp code in here to automate future update.
That #203 refers to message number 203 in this very long forum thread: https://www.howtoforge.com/communit...l-port-8080-with-lets-encrypt-free-ssl.75554/ Message #203 is in page 11.