Learn about Centmin Mod LEMP Stack today
Become a Member

SSL Letsencrypt acmetool defining a completely custom webroot?1.19.2

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Dannymh, Sep 10, 2020.

  1. Dannymh

    Dannymh New Member

    14
    3
    3
    Oct 23, 2014
    Ratings:
    +3
    Local Time:
    1:36 PM
    1.7.x
    5.5
    Please fill in any relevant information that applies to you:
    • CentOS Version: CentOS 7 64bit
    • Centmin Mod Version Installed: 123.09beta01
    • Nginx Version Installed: 1.19.2
    • PHP Version Installed: 7.3.4
    • MariaDB MySQL Version Installed: i.e. 10.2
    • When was last time updated Centmin Mod code base ? : Today
    • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
      Code (Text):
      MARCH_TARGETNATIVE='n'
      
      LETSENCRYPT_DETECT='y'
      
      #OPENSSL_VERSION='1.1.1d'
      
      

    Hi, the issue that I am having is that i have a custom webroot for my domain. something like /var/sites/domain.com

    When I run the acmetool it continues to fail as it keeps looking in the default directory of
    /usr/local/nginx/conf/ssl/ or whatever it is.

    If I try to run acmetool.sh acme-menu and then choose the option to renew with custom path, it continues to fail with errors that it gets an invalid response or that it can't find that path.

    If I try to add the custom path instead of taking that path from the root dir, it takes it from the default webroot so it becomes /usr/local/nginx/conf/ssl/var/sites/whaterver.com

    Rather than just going to the expected.

    In the end I created the default path and made it writeable by the script, then I can run the acmetool allow it to create the certs and update the conf. I then go back into the nginx conf file and reset the root to my path.

    That isn't an ideal solution but it at least gets me up and running, long term I would prefer that I could have it auto-renew by having the correct paths. I prefer having a custom path so don't really want to change to default webroots
     
  2. eva2000

    eva2000 Administrator Staff Member

    45,633
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    10:36 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    acme-menu options haven't been really updated in a while, command line method is preferred as per Letsencrypt - Official acmetool.sh testing thread for Centmin Mod 123.09beta01

    specifically Letsencrypt - Official acmetool.sh testing thread for Centmin Mod 123.09beta01

    For a webroot domain validated letsencrypt issuance with custom web root for live web browser trusted SSL certificate would be using webroot-issue command where /home/nginx/domains/domain1.com/customwebroot is your custom web root
    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./acmetool.sh webroot-issue domain1.com /home/nginx/domains/domain1.com/customwebroot lived
    

    in your case should be
    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./acmetool.sh webroot-issue domain.com /var/sites/domain.com lived
    
     
  3. Dannymh

    Dannymh New Member

    14
    3
    3
    Oct 23, 2014
    Ratings:
    +3
    Local Time:
    1:36 PM
    1.7.x
    5.5
    Awesome, will this work to overwrite the existing one and will it automatically create the cron to renew the certificate automatically evern n months