As noted in another thread, I installed v3.1.15 over Ubuntu v20. Step 9 of the "Perfect Server" article for Ubuntu simply says "apt-get -y install certbot". I prefer acme.sh and installed that instead. From there the installation packages generate the certs. I don't know where ISPConfig components expect certs to be stored. acme.sh installs to the home folder of the current user, and also puts certs under that folder. I installed as root because I didn't know what user/group should be used. This configuration is not working, probably because of permissions, and probably because the certs are not found by components. Specifically, HTTPS to the site is not working. I can probably fix that one issue myself, but if that isn't working then it seems reasonable that other certs aren't correctly set either. So I believe I need to understand how this is all working, and then fix and confirm each location. Can someone please clarify where certs are placed as the installation proceeds, so that I can ensure these get replaced by new acme.sh updates. I can just look for key files but I'd rather be focused about where to look, and understand the package, rather than brute-forcing information out of the system. Is there some documentation for how to properly install acme.sh rather than certbot for ISPConfig 3? Maybe "everything you wanted to know about certs in a ISPConfig environment"? Please feel free to point me to pages to RTM. If there is none, I'd be happy to write it based on whatever info I find in these forums. It looks like PureFTPd needs a cert - I didn't install PureFTPD. It looks like Postfix needs a cert - I definitely need that. Would the solution here be found in Postfix resources? ISPConfig needs a cert for the UI - I'm using Apache and can probably fix that on my own if this is pure Apache. I don't know what I don't know, so some guidance on this is welcome. I posted similar notes in this thread about migration from certbot to acme.sh. This thread is different. As I learn more about ISPConfig, I believe that was the wrong thread for my situation. My situation is "I'd like to use acme.sh instead of certbot" and I thought that was the same as "migrating" to acme.sh. But now I think I know better. Installing from scratch is probably different than installing certbot and then migrating to acme.sh. Thanks!