Results 1 to 8 of 8

Thread: Auto activate a Lets Encrypt certificate

  1. #1
    Join Date
    Apr 2018
    Posts
    4

    Auto activate a Lets Encrypt certificate

    Hello!

    This is my first post here on the DirectAdmin Forum. So I hope I am doing it correctly.

    I have the next situation:

    Everytime I request an Lets Encrypt certificate through SSH with the by DirectAdmin provided letsencrypt.sh script.. I always have to select that certificate trough the directadmin panel to activate it.

    Is there a way to auto-activate it when there is a successfull request?

    Because sometimes i request for 80 - 100 new domains.. and its a pain in the butt to activate them all manually through DA..

    Any help is welcome!

    Thanks in advance!

  2. #2
    Join Date
    May 2014
    Posts
    96
    Do you not mean the symlink from private_html to public_html? After the letsencrypt.sh, do the following:

    /usr/local/directadmin/dataskq d1000

    What kind of output do you get?

    Maybe you can also check this?

    https://help.directadmin.com/item.php?id=675
    https://www.directadmin.com/features.php?id=2023
    https://help.directadmin.com/item.php?id=489

  3. #3
    Join Date
    Apr 2018
    Posts
    4
    Quote Originally Posted by dave097 View Post
    Do you not mean the symlink from private_html to public_html? After the letsencrypt.sh, do the following:

    /usr/local/directadmin/dataskq d1000

    What kind of output do you get?

    Maybe you can also check this?

    https://help.directadmin.com/item.php?id=675
    https://www.directadmin.com/features.php?id=2023
    https://help.directadmin.com/item.php?id=489
    Thank you for your reply. But that is not what i meant. I'm sorry if i'm unclear about explaining the "problem".

    The private_html->public_html symlink is set by default. Thats not the issue..

    What i mean is: If i do a new request for a LE certificate and it's been requested successfully.. DirectAdmin stores the certificate for that domain. But doesn't activate it.. So i have to go to User Level -> SSL Certificates and then choose the requested certificate.. but what i want.. is that DA auto select that freshly created certificate..

    I hope it more clearer now!

    Greetings

  4. #4
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,578
    Yes, I confirm. If we use /usr/local/directadmin/scripts/letsencrypt.sh to request a cert for a domain that is not using a cert yet, then the script does not add directives:

    Code:
    SSLCACertificateFile=/usr/local/directadmin/data/users/userbob/domains/example.net.cacert
    SSLCertificateFile=/usr/local/directadmin/data/users/userbob/domains/example.net.cert.combined
    SSLCertificateKeyFile=/usr/local/directadmin/data/users/userbob/domains/example.netu.key
    for the domain into example.net.conf.

    And I'd also wanted letsencrypt.sh to manage to add the missing lines correctly.

    p.s. it's now a feature request.

  5. #5
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,578
    By the way it seems to be possible with this script: https://help.directadmin.com/item.php?id=675

  6. #6
    Join Date
    Apr 2018
    Posts
    4
    Quote Originally Posted by zEitEr View Post
    By the way it seems to be possible with this script: https://help.directadmin.com/item.php?id=675
    Thank you very much zEitEr!

    I hope that DA will implement it in there letsencrypt.sh script!

    For now i will try autoletsencrypt.sh

    Thanks for the support!

    Greetings from Holland

  7. #7
    Join Date
    Mar 2012
    Posts
    1
    How can I use autoletsencrypt.sh to create a certificate for mail.* to?

  8. #8
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,578
    Hello,

    For future installs through Directadmin interface check whether or not you have mail there

    Code:
    /directadmin c | grep letsencrypt_list_selected=
    expected to see

    Code:
    letsencrypt_list_selected=www:mail
    Update if it's not there:

    Code:
    echo letsencrypt_list_selected=www:mail >> /usr/local/directadmin/conf/directadmin.conf
    restart directadmin.


    Try this patched script to add certs with mail-subdomain

    Code:
    cd /root
    wget -O autoletsencrypt_mail.sh https://raw.githubusercontent.com/poralix/directadmin-utils/master/letsencrypt/autoletsencrypt_mail.sh
    chmod 755 autoletsencrypt_mail.sh
    ./autoletsencrypt_mail.sh

    from here: https://github.com/poralix/directadm...er/letsencrypt


    You might need to run

    Code:
    echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue
    /usr/local/directadmin/dataskq
    afterwards.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •