Letsencrypt on VestaCP


I’m currently trying to set it up, for testing purposes, on my Vesta environment.
However, after I generate the certificate I get four files;

I put the following in the order
"SSL certificate" = cert1.pem
"SSL Key" = privkey1.pem
"SSL CA/intermediate" = fullchain1.pem

I disabled nginx proxy, because apparently after restarting it it makes nginx not load.
one.example.org loads via http://
But as soon as I load https://one.example.org it loads a “webpage could not load”. :expressionless:
It’s running on an Ubuntu 14.04.3 LTS" environment.

I would appreciate any feedback.


Use privkey1.pem for “SSL Key” and chain.pem for “SSL CA/intermediate”.


Just tried it and restarted vesta and apache2 services and problem persists.


Well, that’s all there is to say from the information you have given. I suggest you try to find more information, error messages in the log or sharing the actual URL for example.


I was able to get it working on my site (here) with these documents https://docs.google.com/document/d/1y5tTtImTGk_zqYe3lelGtMl8_gSCQcNgCCdbYTQAb7E/edit http://forum.vestacp.com/viewtopic.php?f=10&t=9158&start=10

The problem that Im having now is that when I try to load the CP on mobile it says untrusted


Oh my god Torlerr, thank you. I’ll read your passage and continue through my quest.
You’re doing god’s work son.


The Vesta control panel interface (port 8083) runs on a separate Nginx interface from your main sites and uses it’s own certificate. You can replace the default self-signed certificate with a Let’s Encrypt cert by editing /usr/local/vesta/nginx/conf/nginx.conf.

Pretending your certificate was issued for myserver.com, you’d change this file to reflect the following:

ssl_certificate: /etc/letsencrypt/live/myserver.com/fullchain.pem;
ssl_certificate_key: /etc/letsencrypt/live/myserver.com/privkey.pem;