Arieh
Verified User
Update (last edit at 25-01-2016)
Most recent update (25-01-2016): development is suspended due to the official DA integration: https://www.directadmin.com/features.php?id=1828 - it's assigned to DA version 1.492 which isn't released just yet.
About the plugin:
Multiple developers are working on this project, feel free to join!
Project page: https://github.com/Petertjuh360/da-letsencrypt
Progress page: https://github.com/Petertjuh360/da-letsencrypt/milestones
Known issues: https://github.com/Petertjuh360/da-letsencrypt/issues
Can I use it?
At this moment (20-01-2016), there isn't a stable release just yet. A few people are using this plugin in production, however this is not recommended. Many things may change and the plugin has not been checked for security issues. If you do use it, it's up to you. You will need git and composer (they are developer tools, see README). In the first stable release git and composer will not be needed, all the vendor files that the tools gather will be included in the plugin package.
-----------------
Original post:
Since today the Let's encrypt went to public beta, and no one (publicly) has stated to work on a plugin I thought to take this initiative.
I've worked out the commands that need to be done in order to get the certificate and how to get it in DA.
I'm hoping together we can make this into a plugin or DA could ingegrate this so that on user level this can be done fully automatically.
Requirements:
When running ./letsencrypt-auto, it will install python
In my case, Debian the following packages were installed (without asking anything)
The letsencrypt binary came in to /root/.local/share/letsencrypt/bin/letsencrypt for me, so I created a symlink:
Then using it to create the certificate files, actually very easy; I'm using example.tld as example domain under the user admin.
Certificate files are now in:
Then we need to get these files into DA:
Specify these files in DA conf:
So ssl needs to be changed to ON and SSLCACertificateFile etc need to be inserted or changed, the files themselves need to be created if they don't exist; chowned to diradmin:diradmin
Finally rewrite of httpd.conf's, I'm not sure if this is the only way possible
And that's it. I was a bit surprised that this all just worked without problem.
Personally I don't have the time to create the plugin fully; so again I'm hoping that someone else can take it from here. Please keep it open source and free; the whole idea of let's encrypt is that it's free.
Most recent update (25-01-2016): development is suspended due to the official DA integration: https://www.directadmin.com/features.php?id=1828 - it's assigned to DA version 1.492 which isn't released just yet.
About the plugin:
Multiple developers are working on this project, feel free to join!
Project page: https://github.com/Petertjuh360/da-letsencrypt
Progress page: https://github.com/Petertjuh360/da-letsencrypt/milestones
Known issues: https://github.com/Petertjuh360/da-letsencrypt/issues
Can I use it?
At this moment (20-01-2016), there isn't a stable release just yet. A few people are using this plugin in production, however this is not recommended. Many things may change and the plugin has not been checked for security issues. If you do use it, it's up to you. You will need git and composer (they are developer tools, see README). In the first stable release git and composer will not be needed, all the vendor files that the tools gather will be included in the plugin package.
-----------------
Original post:
Since today the Let's encrypt went to public beta, and no one (publicly) has stated to work on a plugin I thought to take this initiative.
I've worked out the commands that need to be done in order to get the certificate and how to get it in DA.
I'm hoping together we can make this into a plugin or DA could ingegrate this so that on user level this can be done fully automatically.
Requirements:
Code:
git
When running ./letsencrypt-auto, it will install python
In my case, Debian the following packages were installed (without asking anything)
Code:
augeas-lenses dialog libaugeas0 libffi-dev libpython2.7 python-dev python-pkg-resources python-setuptools python-virtualenv python2.7-dev
Code:
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto
The letsencrypt binary came in to /root/.local/share/letsencrypt/bin/letsencrypt for me, so I created a symlink:
Code:
ln -s /root/.local/share/letsencrypt/bin/letsencrypt /usr/sbin/letsencrypt
Then using it to create the certificate files, actually very easy; I'm using example.tld as example domain under the user admin.
Code:
letsencrypt certonly --webroot -w /home/admin/domains/example.tld/public_html -d example.tld --email [email protected] --agree-tos
Certificate files are now in:
Code:
/etc/letsencrypt/live/example.tld/
Then we need to get these files into DA:
Code:
/etc/letsencrypt/live/example.tld/privkey.pem ->
/usr/local/directadmin/data/users/admin/domains/example.tld.key
/etc/letsencrypt/live/example.tld/chain.pem ->
/usr/local/directadmin/data/users/admin/domains/example.tld.cacert
/etc/letsencrypt/live/example.tld/cert.pem ->
/usr/local/directadmin/data/users/admin/domains/example.tld.cert
Specify these files in DA conf:
Code:
/usr/local/directadmin/data/users/admin/domains/example.tld.conf
Code:
SSLCACertificateFile=/usr/local/directadmin/data/users/admin/domains/example.tld.cacert
SSLCertificateFile=/usr/local/directadmin/data/users/admin/domains/example.tld.cert
SSLCertificateKeyFile=/usr/local/directadmin/data/users/admin/domains/example.tld.key
ssl=ON
So ssl needs to be changed to ON and SSLCACertificateFile etc need to be inserted or changed, the files themselves need to be created if they don't exist; chowned to diradmin:diradmin
Finally rewrite of httpd.conf's, I'm not sure if this is the only way possible
Code:
/usr/local/directadmin/custombuild/build rewrite_confs
And that's it. I was a bit surprised that this all just worked without problem.
Personally I don't have the time to create the plugin fully; so again I'm hoping that someone else can take it from here. Please keep it open source and free; the whole idea of let's encrypt is that it's free.
Last edited: