This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
plugins:letsencrypt [2016/11/23 16:21] nuxwin |
plugins:letsencrypt [2016/11/23 16:29] nuxwin [Note for PanelRedirect plugin users] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== LetsEncrypt Plugin ====== | ====== LetsEncrypt Plugin ====== | ||
- | ====== Introduction ====== | + | <WRAP center round important 60%> |
+ | **Be aware that this documentation is always referring to the latest LetsEncrypt plugin version.** | ||
+ | </WRAP> | ||
+ | ===== Introduction ===== | ||
This plugin provides free SSL certificates through the Let's Encrypt CA. | This plugin provides free SSL certificates through the Let's Encrypt CA. | ||
Line 17: | Line 20: | ||
You can install these packages by executing the following commands: | You can install these packages by executing the following commands: | ||
- | <konsole root> | + | # apt-get update |
- | apt-get update | + | # apt-get install -y libarray-diff-perl libconvert-asn1-perl libdatetime-format-strptime-perl |
- | apt-get install -y libarray-diff-perl libconvert-asn1-perl libdatetime-format-strptime-perl | + | |
- | </konsole> | + | |
===== Installation ===== | ===== Installation ===== | ||
- | |||
- Be sure that all requirements as stated in the requirements section are met | - Be sure that all requirements as stated in the requirements section are met | ||
- Upload the plugin through the plugin management interface | - Upload the plugin through the plugin management interface | ||
Line 45: | Line 45: | ||
===== Manual execution of the certbot client ===== | ===== Manual execution of the certbot client ===== | ||
- | You should avoid execute the `Certbot` client manually, or even through your own scripts, without knowing what your are doing. If you really want execute the `Certbot` client manually, you should at least reuse the email that is used by this plugin. You can find the email address in the /etc/imscp/imscp.conf file (DEFAULT_ADMIN_ADDRESS parameter). | + | You should avoid execute the Certbot client manually, or even through your own scripts, without knowing what your are doing. If you really want execute the `Certbot` client manually, you should at least reuse the email that is used by this plugin. You can find the email address in the /etc/imscp/imscp.conf file (DEFAULT_ADMIN_ADDRESS parameter). |
Be aware that not support will be given if following a manual invocation of the Certbot client, one or many of your SSL lineages are in inconsistent states. | Be aware that not support will be given if following a manual invocation of the Certbot client, one or many of your SSL lineages are in inconsistent states. | ||
Line 51: | Line 51: | ||
===== Certbot client version ===== | ===== Certbot client version ===== | ||
- | It is possible to use latest released version or development version of the Certbot client by changing the value of the `certbot_version` configuration parameter in the plugin configuration file. Be aware that usage of the development version is discouraged in production environments. | + | It is possible to use latest released version or development version of the Certbot client by changing the value of the **certbot_version** configuration parameter in the plugin configuration file. Be aware that usage of the development version is discouraged in production environments. |
===== Let's Encrypt registration ===== | ===== Let's Encrypt registration ===== | ||
Line 57: | Line 57: | ||
The plugin automatically process your Let's Encrypt account registration, using the administrator email address that you have provided during i-MSCP setup phase. If you need change that email, you must not forget to run the following command to update your Let's Encrypt account: | The plugin automatically process your Let's Encrypt account registration, using the administrator email address that you have provided during i-MSCP setup phase. If you need change that email, you must not forget to run the following command to update your Let's Encrypt account: | ||
- | <konsole root> | + | # certbot-auto register --update-registration --email <new_email> |
- | certbot-auto register --update-registration --email <new_email> | + | |
- | </konsole> | + | |
- | where `<new_email>` is your new email address. | + | where **<new_email>** is your new email address. |
If you don't do so, a new account will be created using the new email address and there will be inconsistencies with SSL certificate lineages, making the plugin unable to work properly. | If you don't do so, a new account will be created using the new email address and there will be inconsistencies with SSL certificate lineages, making the plugin unable to work properly. | ||
Line 69: | Line 67: | ||
Be sure to read https://letsencrypt.org/docs/rate-limits | Be sure to read https://letsencrypt.org/docs/rate-limits | ||
- | Note that when the Let's Encrypt limits are reached, the plugin will automatically set the status of the SSL certificate to `pending`. The pending tasks are postponed as long as the limits are not released. | + | Note that when the Let's Encrypt limits are reached, the plugin will automatically set the status of the SSL certificate to **pending**. The pending tasks are postponed as long as the limits are not released. |
===== Let's Encrypt SSL certificates for the control panel and services (FTP, IMAP/POP and SMTP) ===== | ===== Let's Encrypt SSL certificates for the control panel and services (FTP, IMAP/POP and SMTP) ===== | ||
Line 91: | Line 89: | ||
===== Note for PanelRedirect plugin users ===== | ===== Note for PanelRedirect plugin users ===== | ||
- | If you use the `PanelRedirect` plugin, you must ensure that you have a version greater or equal to `1.1.5`, else, the domain validations will fail. | + | If you use the PanelRedirect plugin, you must ensure that you have a version greater or equal to **1.1.5**, else, the domain validations will fail. |
===== SANs for alternative URLs ===== | ===== SANs for alternative URLs ===== | ||
Line 114: | Line 112: | ||
i-MSCP LetsEncrypt plugin | i-MSCP LetsEncrypt plugin | ||
+ | | ||
@author Laurent Declercq <[email protected]> | @author Laurent Declercq <[email protected]> | ||
@author Ninos Ego <[email protected]> | @author Ninos Ego <[email protected]> | ||
Line 123: | Line 121: | ||
See the LICENSE file inside the archive for further details. | See the LICENSE file inside the archive for further details. | ||
- | Sponsors | + | ===== Sponsors ===== |
The development of this plugin has been sponsored by: | The development of this plugin has been sponsored by: |