Let's Encrypt SSL Installation about autom8n HOT 16 CLOSED

nDeloy takes all config info from cPanel's data store. When cPanel install a ssl it stores the crt,key etc location in its datastore.

In short if the plugin installs the ssl correctly in cPanel; nDeploy will pick it up .No issues :)

The plugin should mostly use cPanel API's to install the cert .

Let me know how this goes.

from autom8n.

@trgcyln I haven't tried this on my production server yet, however, I did spin-up a DigitalOcean Droplet and install a cPanel demo earlier this week using the LetsEncrypt plugin you've referenced and it worked well.

SSL Labs provided an A rating from what I recall. I do not remember if I was in proxy or PHP backend mode, though.

Let us know the results here as I'm also considering the purchase.

Cheers!

from autom8n.

FYI - The mode is irrelevant .If it works in one means it will work with any mode for sure .

As far as I can see..it should work. We personally use letsencrypt cert on our website .But that was using the commandline mode and installing it through WHM just like any other cert . The only requirement for the commandline mode is it needs Python2.7 which means its not a straight forward thing in Centos6. But in centos7 default python is 2.7 and it should work flawlessly.

from autom8n.

@AnoopAlias Yeah, my current cPanel server is CentOS 6.7 and the demo server was CentOS 7. Hopefully @trgcyln can advise what their findings are.

from autom8n.

@brianjking, so far not good.

Firstly, they send me the trial license with the name "licence.json", script gave me an error:

Let's Encrypt for cPanel is unlicensed
Child failed to make LIVEAPI connection to cPanel.Cache-Control: no-cache
Content-type: text/html; charset="utf-8"

<error>[A fatal error or timeout occurred while processing this directive.]</error>

So , I had to manually rename "licence.json", into "letsencrypt-cpanel.licence".

When I was registering, I used my WHM domain name ""whm.mydomain.com" because they suggested this format.

I tried to restart the service now I'm getting this error:

2016/02/05 19:52:11 Licence is not for this hostname

So I went back to trial request form and tried to register my domain as "mydomain.com" but it says that it is already registered.

I'm gonna try installing wtih this guide. I hope it won't break my server.

https://forums.cpanel.net/threads/how-to-installing-ssl-from-lets-encrypt.513621/

from autom8n.

I have managed to install Let's Encrypt SSL.

Someone developed an automated script for Centos 6.x which is free. Thanks for that.
https://bitbucket.org/webstandardcss/lets-encrypt-for-cpanel-centos-6.x

In the cpanel ( SSL/TLS Section) I'm able to see that Let's Encrypt SSL is installed but I didnt understand that if it works or not.

It says

`Domains Issuer Expiration (UTC) Key Size Description Actions
mydomain.com Let's Encrypt 5/5/16 2048 mydomain.com and www.mydomain.com

I'm trying to connect my site as https://mydomain.com
And I'm getting "ERR_CONNECTION_REFUSED".

Am I missing something ?

from autom8n.

It was the WHM domain name that causing errors so I asked plugin maker to send me a new license.

Ok Succesfully installed Let's Encrypt SSL plugin in my WHM.

But I'm still getting "ERR_CONNECTION_REFUSED"

I guess Im gonna have to edit nginx configuration files ?

Am I right ?

from autom8n.

@trgcyln You're not setup properly.

Try checking out something like this: https://gethttpsforfree.com/

Also, check https://support.sysally.net/projects/ndeploy/wiki/Http_to_https_redirection for how to configure with nDeploy.

from autom8n.

@brianjking I finally managed to install it.

I had to reinstall ndeploy, and it looks like it is updated to a new version. Anyway, everything works perfectly. I'm able to enter my sites via https.

Plugin is working perfetly and I have installed on my production server which has 15 domains on it.

Feel safe to install it.

from autom8n.

Which version of CentOS are you using? Which LetsEncrypt plugin did you use?

from autom8n.

@brianjking
CENTOS 6.7 x86_64
Plugin: https://letsencrypt-for-cpanel.com/

You need to run "/opt/nDeploy/scripts/attempt_autofix.sh" script when you add a new SSL to a new site.
If you dont, letsencrypt plugin keeps saying "Not Installed" in the SSL Section, Cpanel.
I'm not so sure but i think it is about nginx conf files so I forced them to regenerate.

Important: When you request for a license, be careful to put in the right hostname which is shown in the WHM , Change Hostname section -> Current Hostname
Use exactly same hostname in the license request otherwise it will cause problems.

Also, I spoke with the plugin maker, and license is per server. No matter how many IP adresses that your server have. License is binded on the server hostname.
So let's say you have 5 different IPs and 50 domains, 30$ license will cover all of them.

from autom8n.

Ideally ..it should work automatically and there should be no need to run attempt_autofix

After you install the cert and before you run attempt autofix what is the output of
nginx -t

Also check the file

/var/cpanel/userdata/USER/domain.com_SSL

and see if it contains the letsencrypt certificate location. If it does nDeploy should pick it up automatically.

from autom8n.

@AnoopAlias
@brianjking

You are right, I think I have messed up some configuration on those domains so thats why I had to run "autofix.sh". It worked perfectly on other domains that I didn't touch.
By the time I hit on "Install Certificate", it is done.
Also it renews the certificate automatically.

I can confirm that this plugin has 0% conflict with nDeploy and both working great.
I'm on CENTOS 6.7 x64, WHM with nDeploy installed.

screenshots :
http://prntscr.com/9zyi4y
http://prntscr.com/9zyj4e
http://prntscr.com/9zyhfk

from autom8n.

cool . I will close this now

from autom8n.

@trgcyln Things still working well with https://letsencrypt-for-cpanel.com/?

You're on CentOS 6.x, right?

from autom8n.

FYI letsencrypt is now centos6 compatible

from autom8n.