LetsEncrypt 2.0 with 70+ dnsproviders, ready for testing

[DirectAdmin Support]

Hi guys,

If you wish to test out the 70+ "dns providers", just update Let's Encrypt to 2.0 using CustomBuild script.
This is currently only at the User Level, where, when creating the cert, once "wildcard"option, a new field (below) will appear, defauting to "Dns Provider = Local".
This requires the latest pre-release binaries plus letsencrypt.sh 2.0, and we'll be added fixes/improvements as we go.

You can then pick a new dns provider, say "CloudFlare" and enter your user/key + extra bits, as needed, specified by that provider.
Once used, and you trigger the request.. the envs are added and the new letsencrypt.sh should pick that up and use it instead of the local dns box.

Feature is listed here, so look for any changes, which can happen if we need to alter the design:

Version 1.61.4 | Directadmin Docs

DirectAdmin Knowledge Base

directadmin.com

It can also inherit reseller-defined DNS provider or a global one for all the domains.

Thanks and happy testing!
John

 

[mentik_yusmantara]

Thanks!
What about OpenSSL, when the update available from Custombuild?
So, we can update it easily

 

[smtalk]

Thanks!
What about OpenSSL, when the update available from Custombuild?
So, we can update it easily

At this time openssl is managed by OS. Is there a reason you need some other version?

 

[mentik_yusmantara]

At this time openssl is managed by OS. Is there a reason you need some other version?

there are no problem about current version,
i just knew it managed by OS

so, that's why the openssl version still 2017, CentOS7

Thanks, sir

 

[smtalk]

there are no problem about current version,
i just knew it managed by OS

so, that's why the openssl version still 2017, CentOS7

Thanks, sir

It is not 2017, there were multiple updates in past years.

 

[mentik_yusmantara]

It is not 2017, there were multiple updates in past years.

I check via CLI "openssl version"
OpenSSL 1.0.2k-fips 26 Jan 2017
Should i update it manually?
How i can update it for works with directadmin?
I am using VPS

 

[smtalk]

I check via CLI "openssl version"
OpenSSL 1.0.2k-fips 26 Jan 2017
Should i update it manually?
I am using VPS

And now check rpm -q --last openssl to see when it was updated I bet it is not 2017.

The Package Versions - Why our package versions are (almost) never bumped up?

Why is my Red Hat Enterprise Linux 7 OpenSSL version 1.0.1e, since upstream already has 1.1 or 1.0.2?Why is Red Hat shipping PHP 6, when upstream is already in version 7?Red Hat Enterprise Linux 6 is still in supported status! But Red Hat Enterprise Linux 6's apache is still version 2.2!Or even...

www.redhat.com

 

[mentik_yusmantara]

@smtalk
i just checked with the command
"openssl-1.0.2k-19.e17.x86_64 sun may 24 13:01:39 2020"
yes,,, 2020 version,,, so my current version is too old, 3 years ago

how to do sir,,,

Regards Sir

 

[mentik_yusmantara]

@smtalk
I mean, is there another step for directadmin when updating openssl

Thanks sir...

 

[Active8]

@smtalk
I mean, is there another step for directadmin when updating openssl

Thanks sir...

you dont have to do anything as @smtalk mentioned your openssl is backported with the latest updates of 2020 so dont bother

 

[mentik_yusmantara]

you dont have to do anything as @smtalk mentioned your openssl is backported with the latest updates of 2020 so dont bother

Thanks Active*

 

[LawsHosting]

Erm, am I stupid or what.....How the hell do you activate this?

 

[ikkeben]

Erm, am I stupid or what.....How the hell do you activate this?

HIHI Peter with ACTIVE* he means the user ACTIVE8.

Or is your question not a reaction on post from Kadek_mentik then i 'm ...

 

[LawsHosting]

I'm trying it hard following the instructions on how to activate this....... Only I use cloudflare, so I thought I'd test it as I'd love a wildcard certificate.

It's the dnsproviders.conf I'm having trouble understanding. What do I put in them?

 

[LawsHosting]

Oh, you got to be kidding me? It only works in EVOLUTION skin? Do behave.

 

[LawsHosting]

So, to test this, we need to use Evolution? Or what? Will it make it to Enhanced for the final release?

Some of us hate Evolution skin, believe it or not.

 

[lolfust1]

At this time openssl is managed by OS. Is there a reason you need some other version?

a feature needed on DA related Lets encrypt -
Able to set amount of times to renew ssl cert if it fails after X times, it disabled its auto renew.
some people have domains moved away or etc, and those emails from DA about it drives me crazy >:

 

[LawsHosting]

a feature needed on DA related Lets encrypt -
Able to set amount of times to renew ssl cert if it fails after X times, it disabled its auto renew.
some people have domains moved away or etc, and those emails from DA about it drives me crazy >:

Already there.... https://www.directadmin.com/features.php?id=2352

 

[WizardX]

With the addition of the following variables wildcard certs are perfectly requested an renewed because the system has more time to validate DNS records of slow-propagating external DNS providers.

export EXEC_PROPAGATION_TIMEOUT=900
export EXEC_POLLING_INTERVAL=120

 

[LawsHosting]

I did some testing, and Cloudflare works........

Enhanced skin support is needed though...