Wouter0100
Verified User
- Joined
- Nov 9, 2012
- Messages
- 27
I've planned to release a DirectAdmin plugin for this, which automates these things.
Request to provide support for Let's Encrypt
- Thread starter nielsh
- Start date
That's great news Wouter.
I've been playing around with LetsEncrypt last night (the public beta went live, finally), and I ran into a few roadblocks already (validation is always over web-ports, but I want multi-domain certs which include "smtp" and "mail" for Exim and Dovecot). But after a good night's sleep I think I can work around these issues.
Keep us informed on your progress.
I've been playing around with LetsEncrypt last night (the public beta went live, finally), and I ran into a few roadblocks already (validation is always over web-ports, but I want multi-domain certs which include "smtp" and "mail" for Exim and Dovecot). But after a good night's sleep I think I can work around these issues.
Keep us informed on your progress.
Arieh
Verified User
I've also made a thread about this here http://forum.directadmin.com/showthread.php?t=52360 - with the details to make a plugin; pretty much straight forward, no issues on the letsencrypt part. The main thing is a perfect DA integration with full support for all DA related options and settings.
I've updated the tutorial now it's in open beta: https://raymii.org/s/articles/Lets_Encrypt_Directadmin.html. I've added a part where you symlink the files from Directadmin to the letsencrypt files. This will be a burden to do, including bringing down the webserver. DirectAdmin development should integrate this including auto renewal, otherwise a lot less people will use this. The renewal part, after the initial setup, consists out of running the client again, and since the symlinks are setup, does not require entrance in DA again. However, the renewal does require to bring down the webserver...
Arieh
Verified User
You should check my link of the post right above yours. It's possible to keep the default webserver running if you use the --webroot method, on top of that as it turns out there are several php libs made so it seems a da-plugin could be done very soon.
A DA plugin would be even nicer yes. I'll check out the webroot option, thanks
A DA plugin would be even nicer yes. I'll check out the webroot option, thanks
I've updated the guide with the webroot option, thanks again
Petertjuh360
Verified User
- Joined
- Nov 7, 2010
- Messages
- 340
A plugin to automate this is coming. Check https://github.com/Petertjuh360/da-letsencrypt . Still in beta.
zEitEr
Super Moderator
Hello,
Good to see that you're working on the plugin. They say there some rate limits and the rate limits will remain even after public beta ends:
https://community.letsencrypt.org/t/public-beta-rate-limits/4772
Since that... is your plugin able to deal with this and track the hourly and daily usage?
Good to see that you're working on the plugin. They say there some rate limits and the rate limits will remain even after public beta ends:
https://community.letsencrypt.org/t/public-beta-rate-limits/4772
Since that... is your plugin able to deal with this and track the hourly and daily usage?
Petertjuh360
Verified User
- Joined
- Nov 7, 2010
- Messages
- 340
Thank you for the information! The plugin isn't able to deal with this yet. I opened an issue. Thank you!
Wow, that sounds promising, and although it's not there yet, it is sooner than I expected (I didn't expect it at all to be honest).
But does this mean that the work you guys did on the plugin becomes redundant in the foreseeable future? Or have you been in contact with Mark and John about the implementation of this feature?
That's a valid question. I currently have accounts set up with LetsEncrypt certificates for Nginx, Exim and Dovecot. It would be really nice if all of them would be covered in this upcoming feature. I now set this up myself sort of half-automated, mostly to see if I could get it working, which I did. But an 'out-of-the-box' solution would of course be preferred.
Cyberdevil
Verified User
- Joined
- Sep 16, 2007
- Messages
- 40
Do we know an ETA of this native DA implementation? Because I'm currently using the plugin which is working great on a small managed production environment.
The guys at Dreamhost have it up and running already:
https://www.dreamhost.com/blog/2016/01/20/free-ssltls-certificates-at-dreamhost-with-lets-encrypt/
Not sure if it secures e-mail too.
https://www.dreamhost.com/blog/2016/01/20/free-ssltls-certificates-at-dreamhost-with-lets-encrypt/
Not sure if it secures e-mail too.
Sorry if this is slightly bumping an older thread;
With let's encrypt basically providing free SSL certificates there's no reason not to have any HTTPS-only websites. Will DA allow certificates on websites without their own IP? I have quite a few websites running right now but sadly I can't give them all their IP and I shouldn't have to.
With let's encrypt basically providing free SSL certificates there's no reason not to have any HTTPS-only websites. Will DA allow certificates on websites without their own IP? I have quite a few websites running right now but sadly I can't give them all their IP and I shouldn't have to.
SSL certificates with shared IP's is already possible. Just enable SNI in your DirectAdmin config: http://directadmin.com/features.php?id=1100