remote API (LetsEncrypt and DKIM)

Discussion in 'General' started by jsjosiah, Oct 31, 2016.

  1. jsjosiah

    jsjosiah New Member

    Hey all, is there a way to create a LetsEncrypt SSL certificate by the remote soap ?
    And is there way to genereate DKIM key's for e mails domain by the remote soap?
     
  2. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    You can not create dkim-keys using the remote-api.
     
  3. maumar

    maumar Member

    And about Let's encrypt?
    I have migrated 1500 domain with your script but ssl lE certs were not created, Can I create them massively with remote soap api?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Which script did you use? And why did you reopen a 5-year-old thread.
     
  5. maumar

    maumar Member

    Hello Till, the migration tool, we have licensed by you, there is a small bug, the LE account is migrated as is and it is not valid to authenticate LE request on new server
    I will be more detailed further, when the guy who did the job came back to virtual life
    In the mean time we need to recreate massively LE certs sadly
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    The Migration Tool copies all LE certs and reuses them, so there is no need to use remote api or similar or to reissue the certs. I migrated one of my own servers a few days ago using the migration tool and dozens of other users use it daily with success, all le certs were migrated successfully. I'm sorry to hear that you hired someone that apparently did not has the knowledge to do the migration and messed up your certs, but that's neither an issue in ISPconfig nor an issue with the migration tool. Also, certs do not need to be re-authenticated.

    But the good thing is, even if the guy you hired messed up your new system so badly, there is no need to reissue any certs nor to code any scripts or similar as ISPConfig picks up your old certs automatically.

    1) Copy the whole /etc/letsencrypt folder to the new system (if your old server was using certbot)
    2) take care that your new system is installed properly and uses certbot as well (and not that your sysadmin installed acme.sh instead)
    3) Run Tools > resync on the websites, so that the copied certs can get picked up by ispconfig.

    This works only if you did not manually mess in the database or le setup.
     
    Last edited: Jan 20, 2021
    ahrasis likes this.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Btw. In case your admin created a new le account on the new server, delete that new le account. Your new servers will reuse the old account automatically then.

    And if you need help, contact migration support: https://www.ispconfig.org/get-support/?type=migration
     
    ahrasis likes this.

Share This Page