Hi, I have existing ISPConfig 3.2.x installation which started its history long time ago with self-signed certificates, and later upgraded with Let's Encrypt for web sites, not mail. Now I have new blank ISPConfig 3 server, and purchased Migration Toolkit license to move all my stuff to the new home. How mail SSL will be handled after migration? By Let's Encrypt, or Migration Toolkit will copy self-signed SSL certificates and related settings to the new server? Thanks in advance. Andrei
The migration tool copies over data from the ISPConfig database, websites, mailboxes, and DNS zones + records. Included with websites are the databases you created through ISPConfig, SSL certificates, etc. You must have the same Let's Encrypt client on both servers for a successful migration, or decide not to copy over certs and switch from certbot to acme.sh (if you were using certbot). Configuration is not copied over. E.g. custom config in conf-custom (ISPConfig) or /etc. So it might be that the cert you want to use for your mailserver is copied over, but you will have to create the necessary symlinks and trigger on update of the cert yourself on the new server.
I see ".acme.sh" directory in "/root" with fresh SSLs, so currently ISPConfig uses acme.sh. However, I also see traces of Certboot in OS (certboot.log in "/root"), and from what I remember in long past ago, first I tried Certboot and it didn't worked, then I installed acme.sh and everything went fine. How to remove all traces of Certboot in ISPConfig so Migration Toolikit won't try to copy any Certboot-related data? Thanks.
Then your system uses acme.sh. Certbot certs are in the folder /etc/letsebcrypt/ if you sue it, certbot is not in /root folder.
