Which folder to install Cerbot on a Virtual Private Server(VPS)?


#1

Hello,

Which folder to install Cerbot on a Virtual Private Server(VPS) with 5 websites each within separate accounts and unique folders?

What is the best way to install Certbot on a Virtual Private Server (VPS).
The VPS had 5 domains that each need a unique SSL certificate.
Question: does Certbot get installed in root account of the VPS or is Certbot installed inside each domain’s home folder?

Please advise.
Thank you.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: AnthonyAlvarez.us

I ran this command: None yet

It produced this output: None yet

My web server is (include version): Apache 2.4.37

The operating system my web server runs on is (include version): CENTOS 7.5 kvm 64-bit

My hosting provider, if applicable, is: LiquidWeb.com

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): cPanel 76.0 (build 14)


#2

Certbot will need root access to run.
Certbot only needs to be installed once.
Certbot will need access to the document root folders for all the sites it will be getting certs for.

If your site holders are allowed to log into the system, they should not be allowed to run/change certbot program or related directories.
Nor should they be allowed to view each others folders - if so, they could see private key information for sites they do not control.


#3

Thank you for comments.

  1. Is AutoSSL a replacement for CertBot?
  2. What is the relationship between the two?

#4

You must not run Certbot on cPanel. It is not compatible and can very badly screw up your virtual hosts.

Yes

They can both be used to issue certificates, both implement the ACME protocol and can both talk to Let’s Encrypt. Other than that, they’re unrelated.


#5

The bottom line is, I can start Let’s Encrypt install process immediately.
Since AutoSSL is already installed, AutoSSL can be used instead of CertBot.

Thank you.


closed #6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.