This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

[Request] Lets encrypt Certificate manager Module.
#1
[Request] Lets encrypt Certificate manager Module.
Today I just installed Santora panel. and the first look was awesome! 
I like each and every feature of it. But it lacks an important feature which is, let's encrypt support.

is there any module available to enable let's encrypt support?
Reply
Thanks given by:
#2
RE: [Request] Lets encrypt Certificate manager Module.
(06-14-2017, 05:52 AM)bubundas17 Wrote: Today I just installed Santora panel. and the first look was awesome! 
I like each and every feature of it. But it lacks an important feature which is, let's encrypt support.

is there any module available to enable let's encrypt support?

Sentora actually supports let's encrypt. but not sure if there is a module to install. you can do it manually! checkout these tutorials:

Sentora login: http://docs.sentora.org/?node=102

Any other domains: http://docs.sentora.org/?node=103
Reply
Thanks given by: bubundas17
#3
RE: [Request] Lets encrypt Certificate manager Module.
okey but it is the native way to install letsencrypt. Nothing is new in it.
it would be great if there is any other way to allow normal sentora panel users to add lets encrypt support to their domain.
Reply
Thanks given by:
#4
RE: [Request] Lets encrypt Certificate manager Module.
(06-14-2017, 03:36 PM)bubundas17 Wrote: okey but it is the native way to install letsencrypt. Nothing is new in it.
it would be great if there is any other way to allow normal sentora panel users to add lets encrypt support to their domain.
Not exactly the 'native way' as it is customized for Sentora configs Wink
But, there is no Let's Encrypt module yet. I started working on one but have not had the time to continue on with it lately.
The main problem is getting apache and root to play together nicely through the module. Some parts work, others do not because I haven't sorted out how to get apache to tell root what to do, like grab the certificate files.
So far, it creates all the config changes, appearance is OK, main issue is grabbing and writing the certificates. (Permission issues with apache and root.)
The current mess is on my GitHub here: https://github.com/TGates71/sencrypt
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#5
RE: [Request] Lets encrypt Certificate manager Module.
not bad tom but it's only for ubuntu

those who are on centos that I find more stable for me

could not install it would be better to make a multisystem version

by applying the same commands as that of the doc

then there would just have to add the apache config

in your place I would not change the original apache configuration

nor even use the modules provided by the system

I would simply install like this for my part

Code:
exec("git clone https://github.com/letsencrypt/letsencrypt /usr/local/letsencrypt");
exec("ln -s /usr/local/letsencrypt/letsencrypt-auto /usr/local/bin/letsencrypt-auto");

once it's small order run

it only remains to call letsencrypt-auto

with exec and modify the apache config

for whom the generator as indicate in the doc

Code:
SSLEngine on

SSLProtocol ALL -SSLv2 -SSLv3

SSLHonorCipherOrder On

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/domain.com/chain.pem

# Keeping bellow for future upgrades.

# Requires Apache >= 2.4

SSLCompression off

I do not remember the parameters but there is an option

to launch letsencrypt-auto in silent mode

without any user interaction

advantage also letsencrypt-auto works just as well to create the certificate
than to renew it

the order and totally identical

edit I find the command to run it silently eg

Code:
letsencrypt-auto certonly --standalone -d domain.com -n --agree-tos -m contact@sentora.org
Reply
Thanks given by:
#6
RE: [Request] Lets encrypt Certificate manager Module.
This has actually been updated elsewhere to use the newer HTTP AUTH which is much more simple. You nolonger need to start/stop apache to add domains.
Code:
create certificates:

   sudo certbot certonly --webroot -w /var/sentora/hostdata/[client]/public_html/domain_com -d domain.com -d www.domain.com

update certificates after running the above with no errors:

   sudo certbot renew

revoke a certificate:

    sudo certbot revoke --cert-path /etc/letsencrypt/archive/domain.com/cert1.pem
    
    it will ask if you want to delete the related certificates, select Y and hit enter.
Unfortunately certificates still need to be created manually. I made a module to work with the older method of certbot, but they changed something and it no longer works. I need to update it to use this newer method. The difficult problem is getting the daemon (more specifically the module's OnDaemonRun.hook.php) to execute the above command line actions. The module is basically done, it just needs a fresh set of eyes to find the error and add the revoke coding.
https://github.com/TGates71/sencrypt

If it can be made to run command line functions, the code can be stripped down to about 1/4 of what it is now.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
https without certificate redirects to panel iraqiboy90 10 22 ,751 02-28-2021, 11:20 AM
Last Post: iraqiboy90
How To Add Letsencrypt SSL certificate To Domain Centos 7 franselect 1 4 ,765 07-04-2020, 02:55 AM
Last Post: Feilding Weather
DNS Manager - Unable to find requested module! obrempong7 0 2 ,840 11-18-2019, 07:59 AM
Last Post: obrempong7

Forum Jump:


Users browsing this thread: 2 Guest(s)