Welcome to Centmin Mod Community
Become a Member

Letsencrypt Official acmetool.sh testing thread for Centmin Mod 123.09beta01

Discussion in 'Domains, DNS, Email & SSL Certificates' started by eva2000, Jul 26, 2016.

  1. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yup that would block things :) that location context should either be removed or commented out in latest centmin mod nginx vhost templates already

     
  2. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    New version update to acmetool.sh 1.0.21 fixing renew days to 60 day renewal :)
     
  3. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    8:47 AM
    Mainline
    10.2
    Can I use this to issue a Certificate for a Live Site / Files and Folders / nginx domain config already present?
    And this tool will setup auto renew also?

    Thanks!
     
  4. pamamolf

    pamamolf Premium Member Premium Member

    4,070
    427
    83
    May 31, 2014
    Ratings:
    +832
    Local Time:
    3:47 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Yes for both :)
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yes acmetool.sh should work on existing site or new but it tries to auto modify nginx vhost files and sometimes that doesn't work well due to how the existing nginx vhost might have been structured and modified presently. So you can also do it the safe way via manual method outlined in 1st post of this thread Migrating Existing Nginx Vhost From HTTP to HTTP/2 based HTTPS With Letsencrypt SSL Certificates. The manual way means you follow a set of instructions to issue and get Letsencrypt SSL certificate and manually make changes to your existing nginx vhost config file.
     
  6. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    8:47 AM
    Mainline
    10.2
    Will this tool also work on a site with fully working HTTPS already?
    I want to replace Comodo Positive SSL.
     
  7. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  8. Simon Brown

    Simon Brown Member

    55
    6
    8
    Feb 9, 2017
    Ratings:
    +18
    Local Time:
    1:47 AM
    1.11.9
    Hi, how stable is the acmetool now. Would it be okay to start to use it on a live server (in your opinion)?
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    it's okay for fresh new nginx vhost sites just not as stable for existing nginx vhost sites due to possibility of messing with existing nginx vhost settings in unexpected ways so needs more testing by users with varying nginx vhosts settings that differ from what is standard. The further testing really requires end user feedback and testing to improve but as there's not much testing or feedback, it's still in beta testing status generally.

    Or just use one of these 2 guides
     
  10. joshuah

    joshuah Member

    121
    14
    18
    Apr 3, 2017
    Ratings:
    +17
    Local Time:
    11:47 AM
    Hi, may seem like a silly question.. however, on the guide it says that it will create a vhost for you, what do you do if you want to install wordpress using option 22 with SSL? I am trying to avoid having to manually enter config files, etc.
     
  11. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    123.09beta01 centmin.sh menu option 22 supports acmetool.sh and letsencrypt setup just like centmin.sh menu option 22 as long as you enable LESTENCRYPT_DETECT='y' in persistent config file /etc/centminmod/custom_config.inc as directed in 1st post of this thread. Example of what you should see on centmin.sh menu option 22 for letsencrypt related options https://community.centminmod.com/th...ntmin-mod-123-09beta01.8290/page-3#post-34896 just answer option 4 for live https letsencrypt cert
    Code (Text):
    -------------------------------------------------------------
    Setup full Nginx vhost + Wordpress + WP Plugins
    -------------------------------------------------------------
    
    Enter vhost domain name you want to add (without www. prefix): acme3.domain1.com
    
    Create a self-signed SSL certificate Nginx vhost? [y/n]: n
    Get Letsencrypt SSL certificate Nginx vhost? [y/n]: y
    
    You have 4 options:
    1. issue staging test cert with HTTP + HTTPS
    2. issue staging test cert with HTTPS default
    3. issue live cert with HTTP + HTTPS
    4. issue live cert with HTTPS default
    Enter option number 1-4: 4
    
     
  12. joshuah

    joshuah Member

    121
    14
    18
    Apr 3, 2017
    Ratings:
    +17
    Local Time:
    11:47 AM
    Hm... odd! I install acmetool successfully, I also appended the variable.. then restarted nginx and ran the option 22, but i was not prompted for "Get Letsencrypt SSL certificate Nginx vhost? [y/n]:" - any ideas?
     
  13. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    you need to set LETSENCRYPT_DETECT='y' in persistent config file /etc/centminmod/custom_config.inc BEFORE you run centmin.sh itself otherwise it isn't detected
     
    Last edited: Apr 17, 2017
  14. joshuah

    joshuah Member

    121
    14
    18
    Apr 3, 2017
    Ratings:
    +17
    Local Time:
    11:47 AM
    Yeah. Already there:
    Code:
    cat /etc/centminmod/custom_config.inc
    CLANG='n'
    PHP_PGO='y'
    GCCINTEL_PHP='y'
    DEVTOOLSETSIX='n'
    NGINX_DEVTOOLSETGCC='y'
    NGXDYNAMIC_BROTLI='y'
    NGINX_LIBBROTLI='y'
    NGXDYNAMIC_NGXPAGESPEED='y'
    NGINX_PAGESPEED='y'
    LESTENCRYPT_DETECT='y'
    
     
  15. joshuah

    joshuah Member

    121
    14
    18
    Apr 3, 2017
    Ratings:
    +17
    Local Time:
    11:47 AM
    Code:
    -----------------------------------------------------
    check acme auto renew cronjob setup:
    -----------------------------------------------------
    51 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    -----------------------------------------------------
    acme.sh installed
    -----------------------------------------------------
    It is installed, hmm...
     
  16. joshuah

    joshuah Member

    121
    14
    18
    Apr 3, 2017
    Ratings:
    +17
    Local Time:
    11:47 AM
    As a bit of further information. I just ran
    Code:
    ./acmetool.sh issue domain.tld lived
    and it created the vhost and the SSL worked. It is just not working for the wordpress for some reason?
     
  17. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    strange then.. let me double check on my end

    edit: you're right it skips to theme setup question instead of a letsencrypt related question
    Code (Text):
    
    Do you want to continue with Nginx vhost site creation ? [y/n] y
    
    Enter vhost domain name you want to add (without www. prefix): acme.domain.com
    
    Create a self-signed SSL certificate Nginx vhost? [y/n]: n
    Theme Setup: 
    Install CyberChimps Responsive Theme (cyberchimps.com/responsive-theme/) [y/n]:
    
     
  18. joshuah

    joshuah Member

    121
    14
    18
    Apr 3, 2017
    Ratings:
    +17
    Local Time:
    11:47 AM
    Phew! I thought I did something wrong!
     
  19. eva2000

    eva2000 Administrator Staff Member

    53,614
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    10:47 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    my mistake typo it's LETSENCRYPT_DETECT='y' S after T hehe
     
  20. joshuah

    joshuah Member

    121
    14
    18
    Apr 3, 2017
    Ratings:
    +17
    Local Time:
    11:47 AM
    HAHA! It's that time of the morning, so completely understand :) Yes, that works now. Thanks!