Free SSL certificates through Let's Encrypt

    Just wondering if I understood it right. When public beta starts I can just start entering the "letsencrypt-auto certonly ......" command and validation will incur during installation? No application at letsencrypt.org is necessary anymore?

    i-MSCP 1.5.3 | Ubuntu 18.04

    Yes, but nothing will be installed.


    Only the certificates will be created in /etc/letsencrypt/archive/domain.com/ directory and a link will be set into /etc/letsencrypt/live/domain.com/ with the latest certificate version.

    Thank you @mrpink ... yes I meant creation of the certificates. I have already three letsencrypt certificates and just can't wait replacing my other startssl certificates with letsencrypt :-)

    i-MSCP 1.5.3 | Ubuntu 18.04

    Me too. :)



    Public beta rate limits

    • Rate limit on registrations per IP is currently 10 per 3 hours
    • Rate limit on certificates per Domain is currently 5 per 7 days

    wohooo ... it's working. Everything worked great. Just got the message

    Code
    1. Use of --agree-dev-preview is deprecated.

    So I guess I can skip this command next time.

    i-MSCP 1.5.3 | Ubuntu 18.04

    Hallo,


    when I have the certificates what must I do in i-MSCP ?


    Kind regards
    Viktor

    - Distribution: Debian | Release: 8.10 | Codename: jessie

    - i-MSCP Version: i-MSCP 1.5.3 | Build: 20180516 | Codename: Ennio Morricone

    - Plugins installed: ClamAV (v. 1.3.0), Mailgraph (v 1.1.1), OpenDKIM (v 2.0.0), PanelRedirect (v 1.2.0) & SpamAssassin (v 2.0.1)

    - LetsEncrypt (v 3.6.0), PhpSwitcher (v 5.0.5), RoundcubePlugins (v 2.0.2)

    For admin panel (nginx) or imscp services (courier/dovecot, postfix, proftpd) you have to do these steps:


    The setps 2 - 5 have to be done twice. Once for the panel domain and another time for the imscp services.



    For a customer domain follow this howto:


    • Go to the letsencrypt certificate directory:

      Code
      1. cd /etc/letsencrypt/live/domain.com
    • Open the file privkey.pem and copy the content into the input field Private key of the customer domain in the i-MSCP panel.
    • Open the file cert.pem and copy the content into the input field Certificate of the customer domain in the i-MSCP panel.
    • Open the file chain.pem and copy the content into the input field Intermediate certificate(s) of the customer domain in the i-MSCP panel.
    • Click on Add or Update button.


      SSL_certificate.png



    WARNING: More advanced howto for the panel certificate (you should know what you do):


    • Backup your current certificates:

      Code
      1. cp -a /etc/imscp/panel.domain.com.pem /etc/imscp/panel.domain.com.pem.BAKcp -a /etc/imscp/imscp_services.pem /etc/imscp/imscp_services.pem.BAK
    • Go to the letsencrypt certificate directory:

      Code
      1. cd /etc/letsencrypt/live/domain.com
    • Execute the following:

      Code
      1. cat privkey.pem > /etc/imscp/panel.domain.com.pemcat cert.pem >> /etc/imscp/panel.domain.com.pemcat chain.pem >> /etc/imscp/panel.domain.com.pem
    • Copy the panel certificate file to the imscp services certificate file:

      Code
      1. cp -a /etc/imscp/panel.domain.com.pem /etc/imscp/imscp_services.pem
    • Restart the services:

      Code
      1. service nginx restart
      2. service dovecot/courier restart
      3. service postfix restart
      4. service proftpd restart

    @mrpink for services and panel I recommend the official way perl imscp-autoinstall -dr ssl panel_ssl. Just if someone don't want to rerun the installer and already have certs installed he can go your way (still not supported). Think it's better before someone breaks his system :D