Problem with Certificate Auto Renew Let's Encrypt

Good day.

I have much imported accounts on the server. And in every account in "SSL Certificates" part I see selected "Paste a pre-generated certificate and key" or "Use the server's certificate".
But I want to set up "Free & automatic certificate from Let's Encrypt" with "Wildcard".

How does it possible? I can write some script, but don't know, from where I will start?
 
Great! Looks like I was looking for this script!

But, if the user already has old certificate? Will this script renew it also?
 
I got it Alex, no problem.
Ok, does anybody Know, how we can remove all expired certs and self-signed certs and After that we will set up letsencrypt?

so the domain will not have any bad or expired cert.
 
See how the script detects whether a user's domain has a cert:

http://files.directadmin.com/services/all/letsencrypt/autoletsencrypt.sh

Code:
for u in `ls /usr/local/directadmin/data/users`; do{
	  for d in `cat /usr/local/directadmin/data/users/$u/domains.list`; do
	  {
			if [ ! -e /usr/local/directadmin/data/users/$u/domains/$d.cert ] && [ -s /usr/local/directadmin/data/users/$u/domains/$d.conf ]; then

so you should remove the file /usr/local/directadmin/data/users/$u/domains/$d.cert and run the script again.
 
yes, you are right. But this way I will not know what I'm removing. But, may be it is a way - remove all certs and start letsencrypt, if it is impossible to replace old or self-signed certs
 
Write a script where with a help of openssl you read a valid date of a cert and remove the cert if it's outdated.
 
thank you very much. I thought DA has an option through API to set up letsencrypt for all, to replace invalid certs. If no - so no, have to use this way you mentioned.
Thank you, Alex.
 
You are welcome. If someday you write such a script, I'm sure the DirectAdmin developers will be glad to consider adding it into their distributive. As of now I don't know any ready solution for this. ;)
 
You are welcome. If someday you write such a script, I'm sure the DirectAdmin developers will be glad to consider adding it into their distributive. As of now I don't know any ready solution for this. ;)

This day has come!
I had modified autoletsencrypt.sh and added checking date expiration. If cert has been expired today or tomorrow - script will request LE to get the cert.
Here is it: View attachment autoletsencrypt.sh.gz
 
Back
Top