Wow Jakub / kuba’s plugin addition fully automated the Letsencrypt client SSL certificate issuing for my Centmin Mod Nginx stack allow you to pass the custom web root path to the authentication https://github.com/letsencrypt/letsencrypt/issues/742#issuecomment-137675158
Bloodly awesome ! @schoen definitely something to merge in !
./venv/bin/letsencrypt -a simplefs --simplefs-root /home/nginx/domains/le4.http2ssl.xyz/public --text --agree-eula -d le4.http2ssl.xyz auth
So fully automating non-standard Ubuntu Apache/Nginx setups provided they already have the ssl vhost and web root for their respective domains setup prior !
ls -lah /etc/letsencrypt/live/
total 28K
drwx------ 7 root root 4.0K Sep 4 08:10 .
drwxr-xr-x 8 root root 4.0K Aug 29 07:52 ..
drwxr-xr-x 2 root root 4.0K Aug 29 07:52 le1.http2ssl.xyz
drwxr-xr-x 2 root root 4.0K Aug 30 08:07 le2.http2ssl.xyz
drwxr-xr-x 2 root root 4.0K Sep 4 07:53 le3.http2ssl.xyz
drwxr-xr-x 2 root root 4.0K Sep 4 08:07 le4.http2ssl.xyz
drwxr-xr-x 2 root root 4.0K Sep 4 08:10 le4.http2ssl.xyz-0001
ls -lah /etc/letsencrypt/live/le4.http2ssl.xyz
total 8.0K
drwxr-xr-x 2 root root 4.0K Sep 4 08:07 .
drwx------ 7 root root 4.0K Sep 4 08:10 ..
lrwxrwxrwx 1 root root 40 Sep 4 08:07 cert.pem -> ../../archive/le4.http2ssl.xyz/cert1.pem
lrwxrwxrwx 1 root root 41 Sep 4 08:07 chain.pem -> ../../archive/le4.http2ssl.xyz/chain1.pem
lrwxrwxrwx 1 root root 45 Sep 4 08:07 fullchain.pem -> ../../archive/le4.http2ssl.xyz/fullchain1.pem
lrwxrwxrwx 1 root root 43 Sep 4 08:07 privkey.pem -> ../../archive/le4.http2ssl.xyz/privkey1.pem
ls -lah /etc/letsencrypt/live/le4.http2ssl.xyz-0001/
total 8.0K
drwxr-xr-x 2 root root 4.0K Sep 4 08:10 .
drwx------ 7 root root 4.0K Sep 4 08:10 ..
lrwxrwxrwx 1 root root 45 Sep 4 08:10 cert.pem -> ../../archive/le4.http2ssl.xyz-0001/cert1.pem
lrwxrwxrwx 1 root root 46 Sep 4 08:10 chain.pem -> ../../archive/le4.http2ssl.xyz-0001/chain1.pem
lrwxrwxrwx 1 root root 50 Sep 4 08:10 fullchain.pem -> ../../archive/le4.http2ssl.xyz-0001/fullchain1.pem
lrwxrwxrwx 1 root root 48 Sep 4 08:10 privkey.pem -> ../../archive/le4.http2ssl.xyz-0001/privkey1.pem
so all I need to run is a few commands to obtain SSL certificates via Letsencrypt passing my custom web root /home/nginx/domains/le4.http2ssl.xyz/public
to the client
nv -d le4.http2ssl.xyz -s y -u FTPusername
./venv/bin/letsencrypt -a simplefs --simplefs-root /home/nginx/domains/le4.http2ssl.xyz/public --text --agree-eula -d le4.http2ssl.xyz auth
sed -i 's|\/usr\/local\/nginx\/conf\/ssl\/le4.http2ssl.xyz\/le4.http2ssl.xyz.crt|\/etc\/letsencrypt\/live\/le4.http2ssl.xyz\/fullchain.pem|' /usr/local/nginx/conf/conf.d/le4.http2ssl.xyz.ssl.conf
sed -i 's|\/usr\/local\/nginx\/conf\/ssl\/le4.http2ssl.xyz\/le4.http2ssl.xyz.key|\/etc\/letsencrypt\/live\/le4.http2ssl.xyz\/privkey.pem|' /usr/local/nginx/conf/conf.d/le4.http2ssl.xyz.ssl.conf
ngxrestart
So essentially all other control panels would only need to be able to generate their respective site’s SSL vhost for their web servers and auto generate self-signed ssl all prior to running the letsencrypt client in simplefs mode and pass their respective web root paths to the client to get SSL certificates. And then automate the switching of paths to letsencrypt’s SSL certificate and private key paths.