How to set a host to use a free certificate (ACME support)

 
Post new topic   Reply to topic    Aprelium Forum Index -> 2.12 Beta
View previous topic :: View next topic  
Author Message
admin
Site Admin


Joined: 03 Mar 2002
Posts: 821

PostPosted: Fri Aug 03, 2018 4:17 pm    Post subject: How to set a host to use a free certificate (ACME support) Reply with quote

Creating a private key for the ACME account

* Open the console
* Select "SSL/TLS certificates"
* Press "Add" in the "Privates Keys" table
* In the displayed form, enter "LE Key" in "Name"
* Set "Action" to "Generate"
* Set "Type" to RSA 2048. You can choose a higher key length but 2048 is the recommended length for such uses. Anything value equal or below 1024 will not be accepted by the ACME certificate authority later on.
* Press "OK".

A new private key named "LE Key" should now be available in the private keys table.

Declaring an ACME account

* Now press "Edit" in front of the "ACMEBot Parameters"
* Press "Add" in the "ACME Accounts" table
* In the displayed form, enter "LE Account" in "Name"
* Set "Directory URL" to "Let's Encrypt ACME v2"
* Set "Private Key" to "LE Key" (the name of the private key generated previously)
* Set "Contact Email" to your email address. This address will be used by the Let's Encrypt certification authority to notify you about certificate issues and renewals as explained in https://letsencrypt.org/docs/expiration-emails/
* Press "OK" to finish declaring the account.

* Press "OK" twice to go back to the main console screen

Configuring a host to use an ACME certificate

* In the console's main screen, locate the "Hosts" table
* Press "Configure" associated with the host that will use an ACME certificate
* Click on the "General" icon
* Set "Protocol" to "HTTPS" or "HTTP+HTTPS"
* Set "Certificate Type" to "From an ACME account"
* Set "ACME Account" to the "LE Account" (the name of the account created previously)
* Press "OK"
* Press "Restart"

After a server restart, the "Hosts" table will show the updated host with a "Status" containing "HTTPS: Waiting for certificate". You can also check the state of the ACMEBot by selecting "SSL/TLS certificates" in the console and then pressing "View" next to "ACMEBot Status".

The "ACMEBot Status" screen will report queued operations, certificates that require that you perform a manual challenge to prove you have control over a domain name, and errors. That screen is refreshed every 10 seconds.

If everything goes fine, after a few seconds, the ACMEBot will negotiate with the Let's Encrypt certification authority a new certificate and it will restart the server automatically after installing it. In such a case, the host's status will report "Running".
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com
Back to top View user's profile Send private message
admin
Site Admin


Joined: 03 Mar 2002
Posts: 821

PostPosted: Fri Aug 10, 2018 7:26 pm    Post subject: Bug with ACME wildcard certificates Reply with quote

We have just discovered a bug with the challenge token displayed for wildcard certificates.

We are fixing it and will keep you updated about our progress. Meanwhile, please expect problems with ACME certificate issuance for wildcard host names (such as *.mysite.com).
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com
Back to top View user's profile Send private message
Lithorien
-


Joined: 20 Jun 2004
Posts: 38

PostPosted: Fri Sep 07, 2018 11:10 pm    Post subject: Reply with quote

Thank you for the heads-up!
Back to top View user's profile Send private message
admin
Site Admin


Joined: 03 Mar 2002
Posts: 821

PostPosted: Fri Sep 14, 2018 6:12 pm    Post subject: Reply with quote

Lithorien wrote:
Thank you for the heads-up!


Thank you. The fix has been made and tested since a long time. Now it's either Beta 2 or the final release. The decision will be made next week.
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com
Back to top View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> 2.12 Beta All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group