Manage SSL certificates issued by Let’s Encrypt Authority.
1) Go to Webuzo Panel >> Lets Encrypt.
2) Select the domain for which you need to issue/manage certificate.
3) Click on one of the buttons as per the action required for e.g install
Wait for a few minutes for the process to complete in the background and that’s it !!! You are done !
Configure Lets Encrypt Certificate for EMail/Panel
1) Go to Webuzo Panel >> Lets Encrypt >> Configure LE Certificate tab.
2) Select the domain for which you want to configure LE Certificate for either panel or email and select the option “Use this certificate for Webuzo Panel” if you want to use the LE Certificate for accessing Panel using https and/or select the option “Use this certificate for Email SSL/TLS” if you want to use the LE Certificate for connecting email clients with SSL.
3) Click on the Configure button in order to configure the LE Certificate for Panel/EMail.
The success message “Your settings were saved successfully” will be displayed on successfull configuration and the data will be shown as in below screenshot.
In order to unconfigure/unset the Email/Panel SSL Configuration Settings, you can either uncheck the “Use this certificate for Webuzo Panel” and/or “Use this certificate for Email SSL/TLS” options and click on Configure button or you can just click on Remove button given in the table options beside the associated domain as shown in below screenshot.
You can also manage Let’s Encrypt certificates using the CLI utility of the panel.
To install a certificate on a domain, run the following command as root user:
/usr/local/emps/bin/php /usr/local/webuzo/cli.php --lets_encrypt --action=install --domain=your_domain.com
- Variables to manage other aspects of Let’s Encrypt certificate from CLI utilityTo revoke (remove) an installed certificate, pass –action=revoke along with domain name as in the above example.To renew, pass –action=renew along with domain name as in the above example.To renew all the installed Let’s Encrypt cerificates, pass –action=renew_all. When you are using action as renew_all, you do not need to pass any domain name to the utility.
- The utility needs a webserver running and listening to Port 80.
- This utility can not issue/manage certificates to domains with IP address assigned to them.
- Domains with certificate installed through this utility can not have another certificate assigned via the panel unless the Let’s Encrypt one is revoked.
- Cron to auto-renew certificates is already added in the panel and will check and renew any Let’s Encrypt issued certificate if needed.
- Logs generated by this utility are stored in /var/webuzo/log/lets_encrypt.