How to Correctly Set up and Install Let's Encrypt with VestCP & Digital Ocean

Hey Community,

I currently in need of some help to properly install and set up Let’s Encrypt with a VestaCP and Digital Ocean VPS.
I use the setup for hosting my own personal site as well as potential client sites.

I have tried numerous times with some of the docs provided by digital ocean online but it has never seemed to work. I got a conformation with the client that it worked but when i enter my domain it has never seemed to show the encryption lock icon. I want to be able to issue and install certificates on my domain and as well as other domains of potential clients.

How can i properly achieve this goal?

If you have confirmation from the client that it worked - have you got a certificate in /etc/letsencrypt/live ?

I’m not familiar with the VestCP, but you probably need to manually copy and paste the certificate into the control panel first time.

Since the LE script will try and modify the apache / nginx config directly, it somethimes conflicts with control panels, so best to add it into the control panel directly.

How would i get access to the " /etc/letsencrypt/live" from the terminal to get view the certificate and then manually copy and paste it? (Sorry I’m kind of a beginner when it comes to this kind of stuff)

Is this a full VPS, where you have root access to the server ? if so, just SSH into it. change to that directory ( cd /etc/letsencrypt/live ) then list the files ( ls ) if they are there, then you can display the text on the screen ( cat filename) where you can copy them to paste in your browser.

Simply running the Let’s Encrypt client on your Vesta-based VPS will not associate the certificates you generate with Vesta. Vesta expects the certificate files to be placed in different locations than where the Let’s Encrypt client writes them.

I’ve written a script that works with the Let’s Encrypt client and some of Vesta’s command line tools to help request and install certificates. You can find it at The script simplifies the process of requesting certs by automatically adding aliases to the request and ensuring that the cert gets copied and activated correctly once it’s been issued.