This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

[Module] Let's Encrypt
#21
RE: [Module] Let's Encrypt
(03-24-2019, 06:32 AM)fearworks Wrote: Also, it would be nice if you made the "Adding CAA entry on DNS for letsencrypt.org" optional within the admin settings as some people may not want their DNS messing with without permission Big Grin

I think, i will create two options:
  • In admin settings, you can enable/disable these feature completely
  • If it's enabled, the user can select/deselect these option for the domain
About your idea, i will move this ToDo entry to version 1.0.5, because here i will implement a better handling for creation with these settings.
Reply
Thanks given by:
#22
RE: [Module] Let's Encrypt
(03-23-2019, 07:04 PM)Bizarrus Wrote: You can check the log files. With no informations, i can't help out.

Which apache modules are installed?

My first thought: open basedir restrictions

On simple test with an online sandbox (http://sandbox.onlinephpfunctions.com/) with PHP 5.6.29, i've got following error:

And i think, that's the problem. I will try to solve these for older PHP versions.

Can you try to modify following lines to solve the problem?
/etc/sentora/panel/modules/letsencrypt/code/controller.ext.php
PHP Code:
// From
require_once(dirname(__FILE__1) . '/ACMECert.php');
require_once(
dirname(__FILE__1) . '/TLD.php');
require_once(
dirname(__FILE__1) . '/LetsEncrypt.php');

// To
require_once('ACMECert.php');
require_once(
'TLD.php');
require_once(
'LetsEncrypt.php'); 

yep this worked, but there was no TLD.php included so i guess that's part of the section your working on? Tongue

My Sentora DemoMy GithubAuxio Github
Zentora themeS-Type themeCstyleX theme
flat-color-iconssmall-n-flat-icons

Sentora's development takes way too long, so i'm transitioning to HestiaCP.
Reply
Thanks given by:
#23
RE: [Module] Let's Encrypt
(03-24-2019, 08:52 PM)Ron-e Wrote: yep this worked, but there was no TLD.php included so i guess that's part of the section your working on? Tongue

Oh, yep Big Grin thats my bad!
Reply
Thanks given by:
#24
RE: [Module] Let's Encrypt
Now, i have rolled out the Version 1.0.4!

Changelog: https://github.com/Bizarrus/Sentora-Lets.../README.md
Current ToDo: https://github.com/Bizarrus/Sentora-Lets....4/ToDo.md

The Wildcard features are currently EXPERIMENTAL, because its hard work with the performance. Let's Encrypt can only resumed, when the _acme-challenges are published on DNS. The implementation will take several days in advance, it's to complex for a development process in few hours! More Informations on the Changelog (GitHub)
Reply
Thanks given by:
#25
RE: [Module] Let's Encrypt
(03-25-2019, 06:51 AM)Bizarrus Wrote: Now, i have rolled out the Version 1.0.4!

Changelog: https://github.com/Bizarrus/Sentora-Lets.../README.md
Current ToDo: https://github.com/Bizarrus/Sentora-Lets....4/ToDo.md

The Wildcard features are currently EXPERIMENTAL, because its hard work with the performance. Let's Encrypt can only resumed, when the _acme-challenges are published on DNS. The implementation will take several days in advance, it's to complex for a development process in few hours! More Informations on the Changelog (GitHub)

I am wondering what the point of the "Nameservers" section is? For one of my domains it tells me:


Code:
The domain example.co.uk is not managed by the name server ns1.example.co.uk, ns2.example.co.uk!
NS 1: ns1.mydns.com
NS 2: ns2.mydns.com
NS 3: ns3.mydns.com


and suggests that something is incorrect, using red text etc.

I am not sure what this has to do with Let's Encrypt certificates anyway, but there is nothing wrong with my DNS configuration.

Also I would like to suggest a few spelling/language corrections to some of the messages in the "controller.ext.php" file, and I hope you don't mind Smile :

Code:
The SSL certificate has been created.
The wildcard certificate has been requested. It takes up to 24 hours for the wildcard certificate to be delivered.
The wildcard certificate already exists.
The wildcard certificate has already been requested.
The SSL certificate already exists.
You can\'t revoke the certificate, it doesn\'t exist.
Error retrieving the Let\'s Encrypt certificate.
Error retrieving the Let\'s Encrypt wildcard certificate.
The SSL certificate has been revoked.
The SSL certificate can\'t be revoked. There was an internal error.
You can\'t renew the certificate as it doesn\'t exist.
The certificate can\'t be renewed.
The settings have been saved.
You do not have permission to perform this action!


Keith.
Reply
Thanks given by:
#26
RE: [Module] Let's Encrypt
This is only for Wildcards!
The domain must be managed by Sentora's DNS, otherwise the plugin cant manage the _acme-challenges of the domain for validation.External Nameservers are not supported, because when the wildcard certificate will be requested, you must add cryptographic tokens as an TXT record. Thats not possible on external DNS. A manual update by the user will break the process and generates much of overhead, because the script must wait if the TXT records available - See here: https://github.com/skoerfgen/ACMECert/is...-475924357

By default, the Nameserver configuration for Sentora's DNS ist n1./ns2.$domain.

Thanks for fix some typos, if you like, you can edit these directly on GitHub Smile
Reply
Thanks given by:
#27
RE: [Module] Let's Encrypt
(03-25-2019, 03:30 PM)Bizarrus Wrote: This is only for Wildcards!
The domain must be managed by Sentora's DNS, otherwise the plugin cant manage the _acme-challenges of the domain for validation.External Nameservers are not supported, because when the wildcard certificate will be requested, you must add cryptographic tokens as an TXT record. Thats not possible on external DNS. A manual update by the user will break the process and generates much of overhead, because the script must wait if the TXT records available - See here: https://github.com/skoerfgen/ACMECert/is...-475924357

By default, the Nameserver configuration for Sentora's DNS ist n1./ns2.$domain.

Thanks for fix some typos, if you like, you can edit these directly on GitHub Smile

Ah OK, forgive me. I have not done much with wildcard LE certificates but that makes sense. Perhaps it would be worth adding something to make it clear that this matters only for wildcard certificates?

Keith
Reply
Thanks given by:
#28
RE: [Module] Let's Encrypt
Yep, on the next release, i will change this for only wildcards.

The problem is the mechanism:
Single-Domain certificates will be validated over an generated public file, there will placed into /.well-known/. Wildcard certificates will be validated over an TXT entry in DNS, because only the real domain owner has access to it.

Both processes have different methos. And that is, why the Wildcard process is little bit more tricky as single-domain certs.
Reply
Thanks given by:
#29
RE: [Module] Let's Encrypt
Hi, trying to install gives me an error on Centos6:
Parse error: syntax error, unexpected '[' in /etc/sentora/panel/modules/letsencrypt/deploy/install.run on line 7
Reply
Thanks given by:
#30
RE: [Module] Let's Encrypt
Which PHP version do you run? Seems, you've run the PHP with very old versions under 5.4/5.6
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
[Module] ELFileManager (build on elfinder) Diablo925 94 289 ,119 05-30-2024, 05:25 AM
Last Post: TGates
[MODULE] phpMyAdmin-AU (Auto-Update) TGates 14 44 ,935 06-15-2021, 06:54 AM
Last Post: TGates
[MODULE] SenBrand - Basic Branding module for Sentora TGates 20 49 ,449 06-04-2021, 11:47 AM
Last Post: ccr1969

Forum Jump:


Users browsing this thread: 1 Guest(s)