kess Thank you for your work!
The certificates are created correctly, but the apache vhost ssl.conf files are no longer created automatically ...
They all are created correctly for me... on all of my servers
The only issue is that sometimes you need to revoke and then recreate the certificate in order to work correctly.
Hi fulltilt ,
thx for your reply.
With that solution, nothing has been changed in i-MSCP files or Database, everything is original.
Regarding snapd, it runs in its own sandbox... everything you have on your systems is included in /snap directory.
Problems ? I can't see... but if you don't like it in 1 or 2 years, just uninstall it using apt or apt-get and everything will be exactly as before...
certbot-auto has become unsupported, this is the only official method for managing LE Certs (Certbot documentation on eff.org).
I didn't test using the Debian Packaged Certbot in order to see if it works... I don't know if the new chains are managed or not. I'm sure the --preferred-chain option will not work on version 0.28.0 (Debian 9 packaged version).
It's up to you...
Bye Kess
Hello guys,
there you can find the solution I've adopted in order to get the systems working with every type of certificate (self signed, from CA or Let's Encrypt)
I didn't change absolutely nothing in the code of i-MSCP, everything is original.
The following has been tested ONLY on Debian Stretch x64, with a standard i-MSCP installation. No strange things.
1. Integrate the new LE CAs in your system:
Here a Dialog appears.
- In the first dialog choose "yes"
- In the second select your new 7 CA certificates to import and then click OK
The result should be as follows:
2. Remove any previous certbot versions:
3. Install the new and supported certbot version
4. Optional, but recommended, edit the file /var/www/imscp/gui/plugins/LetsEncrypt/config.php and update the section as follows:
Save and close;
5. Remove previous symlinks that could still exist, we'll fix them in next steps:
6. HIT THE "UPDATE PLUGINS" BUTTON here: https://your.server.panel:1234/admin/settings_plugins.php
If everything goes well, the LE Plugin will reconfigure.
7. Now it's time to fix the symlinks:
8. Now a little check:
9. And the final check:
Now your system will have:
- The new CA from LE that it didn't have before
- The new supported version of certbot that knows the new chains
I tested the procedure on more boxes and it works for certificates creation and for certificates revocations. I don't know if it works for renewals. Please test it and kindly report back.
Hope it helps,
bye Kess.
Pourquoi est-ce que tu veux utilizer les versions compilées quand les versions packaged de sury.org marchent parfaitement ?
There are no sury.org php packages for 16.04. The oldest published packages are for Bionic (18.04)
You can see the full list here: https://launchpad.net/~ondrej/…ield.series_filter=bionic
Here you can find all the needed documentation on how to setup and configure a packaged version.
https://wiki.i-mscp.net/doku.php?id=plugins:phpswitcher
A packaged version can be installed with apt-get and the packages will be downloaded from here: https://packages.sury.org/php/
Hope it finally helps
Please use sury.org to install all your needed PHP versions and additional modules.
Easyer, always up to date and simply working !
memcache shouldnt be installed using apt-get, you should check if it's present as memcache.so in your /opt/...... directory.
If not install it using pecl.
Btw, try to use sury repository. It has everything built for you, ready to be installed using apt-get and used !
