Certificat Let's Encrypt sur le webUI VestaCP
Certificat Let's Encrypt par WEBROOT sur WebUI Vesta
Ajouter /etc/httpd/conf.d/letsencrypt.conf
# Let's Encrypt Webroot Configuration for Apache
#
# In "webroot" mode, the Let's Encrypt client will attempt to write a
# temporary file to the /.well-known/acme-challenge directory within
# the website's root directory in order to perform the domain
# verification. Since every Vesta site has a different
# web root directory, this directive creates an alias that will allow
# the Let's Encrypt Client to write these files to a central location
# that can be accessed from all sites.
Alias /.well-known/acme-challenge /etc/letsencrypt/webroot/.well-known/acme-challenge
# Ensure that the proper Content-type header is returned with
# challenge responses
Header set Content-Type "application/jose+json"
Créer le répertoiremkdir -p /etc/letsencrypt/webroot/.well-known/acme-challenge
Générer le certificat/opt/letsencrypt/certbot-auto certonly --webroot --webroot-path /etc/letsencrypt/webroot --email admin@domaine.fr -d serveur_vesta.domaine.fr
Si le certificat est créé sans erreur :cd /usr/local/vesta/ssl/
# Si les certificats auto-signés d'origine sont toujours en cours, les sauvegarder au cas oùmv certificate.crt certificate.crt.bakmv certificate.key certificate.key.bak
# Créer des liens vers les nouveau certificatsln -s /etc/letsencrypt/live/serveur_vesta.domaine.fr/fullchain.pem certificate.crtln -s /etc/letsencrypt/live/serveur_vesta.domaine.fr/privkey.pem certificate.key
Et finalementsystemctl restart vesta