Let's Encrypt with VestaCP on Ubuntu 14


#1

I get my first ssl cert working ok on my domain www.superservidor.cl using webroot plugin on Ubuntu 14.04 + VestaCP 0.9.8 Release 15 (using Apache v2.4.7 + OpenSSL v1.0.1f + PHP 5.5.9)

I have validated the cert using this service:

https://www.ssllabs.com/ssltest/analyze.html?d=superservidor.cl

Thanks Let’s Encrypt !!!


#2

Nice! :smile:
(if you want A+ on SSLLabs, you’ll need long-term HSTS, which can be enabled by adding the header Strict-Transport-Security "max-age=21536000; includeSubdomains; preload"; in your apache or nginx config. note that you should only enable this if you think you’ll keep HTTPS forever)


#3

I already got the A calification using the info from another site.

After I followed your indications both Apache and Nginx crashed and not run.
I had to go back to my backups to get both servers working again.

Thanks anyway !!!


#4

+1 for webroot authentication :+1:


#5

Were you able to get it set up to renew automatically?


#6

@superservidor please can you give a short walk-through of how you managed to set this up with VestaCP.
Thank you for your assistance.


#7

I found this on the VESTACP forums https://docs.google.com/document/d/1y5tTtImTGk_zqYe3lelGtMl8_gSCQcNgCCdbYTQAb7E/edit

http://forum.vestacp.com/viewtopic.php?f=10&t=9158&start=10


#9

#10

I’ve created a script that allows LE certs to be installed (or renewed) on Vesta sites with a single command, thanks to Vesta’s command line tools.

You can find it on GitHub at https://github.com/interbrite/letsencrypt-vesta. Installation instructions are in the README.


#11

That is awesome Kodiak!
I have been wanting my main site to serve http2 for a while now so this will help!

Question though! once I got http2 running do you think I will still need a cdn or is that just superfluous?
Thanks again for the script, its awesome!

  • Phillip Dews

#12

I yet to roll out HTTP/2 anywhere, even in test, so I can’t comment. Best of luck, though!

Glad you find the script helpful!