A new version of the LetsEncrypt plugin has just been released:
- Added: `include_altnames` configuration parameter (Closes: #IP-1657)
- Added: Support for i-MSCP control panel and services SSL certificates
- Fixed: Enforce non-interactive debconf frontend to avoid confusing debug log
- Fixed: Installation fail due to missing certbot `--non-interactive' command line option (regression fix)
- Fixed: Syntax error in SQL statement (iMSCP_Plugin_LetsEncrypt::afterDeleteCustomer() event listener)
Once registered on our forums, you can purchase this plugin at: https://i-mscp.net/index.php/PaidSubscriptionList/
WARNING Before updating, don't forget to read the README.md file and the UPDATE.md file inside the plugin archive WARNING
Update notes regarding this new version
I. Let's Encrypt SSL certificates for the control panel and services (FTP, IMAP/POP and SMTP)
The plugin is now able to handle issuance of SSL certificates for the control panel and/or services. To enable Let's Encrypt for the control panel and/or services you must in order:
- Enable SSL on i-MSCP side for the control panel and/or services, by choosing the self-signed SSL certificate option
- Connect as administrator to the control panel
- Activate Let's Encrypt for the control panel and/or services through the administrator's Let's Encrypt interface
The link for accessing the administrator's Let's Encrypt interface is available in the settings page.
Note that it is important to not disable this plugin when updating/reconfiguring i-MSCP because there is an event listener that replace the default SSL certificates by the Let's Encrypt SSL certificates. If the LetsEncrypt plugin is disabled, the event listener will not be triggered and so, the SSL certificates won't be replaced.
Be aware that this feature is still experimental.
Regarding SSL certificate for the control panel
Note that after enabling Let's Encrypt for the control panel, you may have to close and re-open your browser. Indeed, in some cases, the newly created SSL certificate is not loaded after a simple page refresh.
Note for PanelRedirect plugin users
If you use the PanelRedirect plugin, you must ensure that you have a version greater or equal to 1.1.5, else, the domain validations will fail.
II. SSL for alternative URL
Support for alternative URLs has been added. You can enable it by setting the include_altnames configuration parameter to true in the plugin configuration file. Once done, don't forget to trigger a plugin list update.
Before enabling support for alternative URLs, be sure that your DNS server can resolve names for them. If you use an external DNS server, this is generally achieved by adding a wildcard DNS resource record such as
where <panel.domain.tld> is the domain used for accessing the i-MSCP control panel and <server.ip>, the primary IP address of the i-MSCP server.
Be aware that this parameters acts only for new issuances and renewals.