SSL / TLS let’s encrypt certification setting ?

Discussion in 'General' started by Keoz, Dec 17, 2018.

  1. Keoz

    Keoz Member


    My web contents are on VPSs running distro Ubuntu 18.04 LTS / apache server.

    Recently Tillman gave me the following directive that makes “Let’s encrypt“ certificate active to secure apache and have a proper “https“ URL adresses for websites. Once connected to my ISPConfig 3 panel, I copied and pasted the directive in required field under the option tag of my website https://www.first (.e .g) and it works fine until now :

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

    However I received and email that I was not expected, saying that I would have to renew the certificate, so I need to have further informations about it (3 questions) :

    *** Q 1 ***
    Does this directive above include or not the “Let’s encrypt“ certificate auto renewal ; if not how to active its auto renewal ?

    *** Q 2 ***
    I copied the above directive and tried to use it to secure another website on a different server ; but when I connect to the website, the browser returns the following ERROR MESSAGE (do I have to change parameter in the directive ?) :

    This website can’t supply secure connexion (e.g.) returns incorrect response

    *** Q 3 ***
    Would you advise me to set SSL/TLS certification as explained on the following tutorial
    instead of using the above directive ?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The directive you posted is not directly related to Let's encrypt, it is simply a http to https rewrite which you normally would activate on the redirect tab in ISPconfig instead of manually configuring it on the options tab.

    1) This is not related to Let#s encrypt auto renewal or Let's encrypt in general.
    2) The directive is not about securing your server, its a http to https redirect. To secure your server, enable the SSL and let#s encrypt checkboxes in the website settings. After you did that, you can activate a http to https redirect on the redirect tab of the site. The above config snippet is not required for that.
    3) No, it will just break your server. As mentioned above, all you have to do is enabling the SSL and Let's encrypt checkbox of the site, the SSL cert gets renewed automatically then. And you should use the SSL redirect option on the redirect tab instead of the manual https redirect you added. In case you did all the above and LE renewal failed, then you can find the reason on why it failed in the letsencryp.log file.
  3. Keoz

    Keoz Member

    Thank U so much !
  4. Keoz

    Keoz Member

    How can I also have a securised “https“ connexion and a green lock on login page to ISPConfig panel ?
    Actually, when connected to (ISPConfig panel) the browser information mark (!) delivers information saying that website is not securised.

  5. till

    till Super Moderator Staff Member ISPConfig Developer

Share This Page