Use Let’s Encrypt certificate in VestaCP


EXAMPLE 1:

Example for main domain, after the installation of VestaCP, we see the login information:

https://tutorialspots.com:8083
username: admin
password: xxxxxxxxxxxx

I. Create certificate for main domain (tutorialspots.com)

Step I.1: clone from github

https://github.com/certbot/certbot

Step I.2: create certificate
See: How to renew Let’s Encrypt certificate on CentOS with NGINX

Ia. Or you can install Let’s Encrypt Wildcard SSL

II. copy or create symlink

Example create symlink:

rm -f /usr/local/vesta/ssl/certificate.crt
rm -f /usr/local/vesta/ssl/certificate.key
ln -s /etc/letsencrypt/archive/tutorialspots.com/cert1.pem /usr/local/vesta/ssl/certificate.crt
ln -s /etc/letsencrypt/archive/tutorialspots.com/privkey1.pem /usr/local/vesta/ssl/certificate.key

Example copy files:

cp /etc/letsencrypt/archive/tutorialspots.com/cert1.pem /usr/local/vesta/ssl/certificate.crt 
cp /etc/letsencrypt/archive/tutorialspots.com/privkey1.pem /usr/local/vesta/ssl/certificate.key

III. restart VestaCP

service vesta restart

EXAMPLE 2:

Use Let’s encrypt for other websites:

I. go to https://tutorialspots.com:8083/edit/web/?domain=tutorialspots.com

Check SSL Support and Lets Encrypt Support

You can choose SSL Home is public_html or public_shtml

SSL Support and Lets Encrypt Support

Then click Save

Now you will see in folder /home/admin/conf/web four files:

ssl.tutorialspots.com.ca
ssl.tutorialspots.com.crt
ssl.tutorialspots.com.key
ssl.tutorialspots.com.pem

Like Example 1, you can create Wildcard SSL or standard SSL, and you can copy or make symlinks to theses files

II. restart vesta

service vesta restart

Example 2: Method 2: If you have already the certificate

I. Create file /home/admin/conf/web/nginx.tutorialspots.com.conf_ssl with content:

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tutorialspots.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tutorialspots.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

II. restart nginx

service nginx restart

Recent search terms:

  • Vesta CP wildcard ssl

Leave a Reply