Lets Entcrypt Plugin update from ACMEv1 to ACMEv2

  • Hello


    will a new plugin version come out soon due to the change to ACMEv2?

    Or can I also update Certbot manually? If yes how:?:

  • I would also be interested to know.

    Here is a mail I got from Let's Encrypt:


  • At present, a quick and dirty solution that worked for me is as follows:


    ONLY FOR PEOPLE WHO HAVE A VALID SUBSCRIPTION TO THE PLUGIN


    1. Download the Let's Encrypt Plugin 3.5.0 on your Local Computer (from Plugin-Store)

    2. Uncompress the tar.gz archive

    3. Replace LetsEncrypt/bin/certbot-auto with https://raw.githubusercontent.…rtbot/v1.1.0/certbot-auto

    4. Edit LetsEncrypt/info.php and change:

    - version (for example 3.5.1)

    - date (for example 2020-02-03)

    - build (for example 2020020300)

    5. Repackage the LetsEncrypt directory and his contents to LetsEncrypt.tar.gz (with 7zip create a tar and the with 7zip again create a gz)

    6. Upload the new plugin as usual


    Test what you did with:

    Code
    1. /opt/eff.org/certbot/venv/bin/certbot --version

    If the result is 1.1.0 and not 0.26.1 you did it.


    I only tested the Create certificate and the Revoke Certificate procedures. They worked with LE API v2. I didn't test the renewal yet.


    Hope it helps,

    bye Kess.

  • You don't need to download that stuff on your local machine, On the server you can use mc (Midnight Commander) to edit the contents of the archive.

  • Thank you both for providing a solution.


    I have found an even easier way to work around this issue. (Certificate creation works, Renewal still using ACMEv01, not sure why!)

    The latest Let's Encrypt i-MSCP plugin is using certbot 0.26.1 which is already capable of using ACMEv2. But it is not used by default.

    You can change that by uncommenting line 796 in /var/www/imscp/gui/plugins/LetsEncrypt/backend/LetsEncrypt.pm so it looks like this:


    Code
    1. '--server', 'https://acme-v02.api.letsencrypt.org/directory',


    Please keep in mind, that this files gets overwritten, when reinstalling or updating the Let's Encrypt Plugin.

    Edited 2 times, last by Vringe: Update testing status ().

  • Hi!



    Plugin is not working.

    Plugin menu write:

    Installing...



    I start install 1.5 hours ago, but not finished.



    What the problem?

  • So I made your changes and deleted my ssl and saved it again.thanks you

    my System :



    - Distribution: Debian | Release: 9.8 | Codename: wheezy
    - i-MSCP Version: i-MSCP 1.5.3| Build: 20181208 | Codename: Ennio Morricone
    - Plugins installed: ClamAV (v. 1.2.1), Mailgraph (v 1.1.1), OpenDKIM (v 1.1.3), PanelRedirect (v 1.1.5) & SpamAssassin (v 1.1.1)
    - LetsEncrypt (v3.3.0), PhpSwitcher (v 4.0.1), RoundcubePlugins (v 2.0.1)