No description
Find a file
2016-11-11 11:20:28 +01:00
src use global alias to work also if there are redirects 2016-11-11 11:20:28 +01:00
.gitignore Initial commit 2015-11-06 20:52:02 +01:00
_todo improvements 2016-02-02 08:06:08 +01:00
acme.conf use global alias to work also if there are redirects 2016-11-11 11:20:28 +01:00
apache.letsencrypt.conf bugfix 2015-12-01 17:57:44 +01:00
nginx.conf.patch bugfix 2015-12-01 17:57:44 +01:00
README.md Update README.md 2016-03-11 12:51:58 +01:00

ISPConfig Let's Encrypt

REQUIREMENTS

Let's Encrypt installed

ISPConfig (select version in branche)

Apache or Nginx

INSTALLATION (as root)

git clone https://github.com/alexalouit/ISPConfig-letsencrypt.git
cd ISPConfig-letsencrypt
php -q install.php

After install, a new checkbox will be available in editing website, just check it.

Adjust server in /etc/letsencrypt/cli.iniif isn't ``https://acme-v01.api.letsencrypt.org/directory```

MANUAL INSTALLATION

  • make your own backup!

  • go to dir

cd ISPConfig-letsencrypt
  • create Let's Encrypt configuration
cp ./cli.ini /etc/letsencrypt/cli.ini
  • patch ISPConfig (merge all files from ./src to /usr/local/ispconfig)
rsync -av ./src/ /usr/local/ispconfig/
  • prepare apache
cp ./apache.letsencrypt.conf /etc/apache2/conf-available/letsencrypt.conf
a2enmod headers
a2enconf letsencrypt
service apache2 reload
  • prepare nginx
patch /etc/nginx/nginx.conf < ./nginx.conf.patch
service nginx reload
  • create a cron for automatic renewal:
crontab -e
30 02 * * * /root/.local/share/letsencrypt/bin/letsencrypt renew >> /var/log/ispconfig/cron.log
  • sql queries:
ALTER TABLE `web_domain` ADD `ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n';

TROUBLESHOOTING

update Let's Encrypt

cd /root/letsencrypt
git fetch
./letsencrypt-auto

see Let's Encrypt log

cat /var/log/letsencrypt/letsencrypt.log

see ISPConfig log

cat /var/log/ispconfig/ispconfig.log
cat /var/log/ispconfig/cron.log

remove certs

rm -r /etc/letsencrypt/archive/$domain/
rm -r /etc/letsencrypt/live/$domain/
rm -r /etc/letsencrypt/renewal/$domain.conf

re-generate cert: uncheck SSL & Let's Encrypt, save, recheck and save