Certificates via acmetool on EasySCP

    • Certificates via acmetool on EasySCP

      Hello World

      I've readed here from some people that tried to use the Let's Encrypt Certificates via Certbot and destroyed their EasySCP-Configs...
      I noticed ShadowJumper repairing their installations and so I decided to involve the forum now with my results.
      As I found "my way" and needed to deploy that on multiple Servers, I created a shell-script that I just need to use.
      To help all others here coming in the same direction, I added enough comments to understand my decisions and the situation itself.
      Because I enjoyed already ispCP and came across to EasySCP since the early versions 1.X.X - I like to support the project as much as I have the time for it.

      First of all - don't use the Certbot automation - it is not good for your existing configs :)
      Doing automatic configurations for a complex system is all the time a bad idea.
      So I invented a semi-automatic installation suitable for EasySCP installations...


      Shell-Script: /usr/local/bin/install-acmetool

      1. #/bin/bash
      2. ##########
      3. # Welcome to my script that installs ACMETOOL on EasySCP system running on Debian
      4. # Tested on Debian Jessie and EasySCP 2.0
      5. ## Preparings
      6. # We want Apache to forward all challenge requests from ACME-Server to /var/www/easyscp/gui/tools/.well-known/acme-challenge
      7. # This fits great to the other tools coming with EasySCP (like pma, filemanager, webmail)
      8. echo "Alias /.well-known /var/www/easyscp/gui/tools/.well-known" > /etc/apache2/conf-available/acmetool.conf
      9. a2enconf acmetool
      10. # Now the package installation itself on Debian (Jessie in my case)
      11. # This is changeable to other systems - follow the same howto like me:
      12. # https://hlandau.github.io/acme/userguide (Part Installation)
      13. echo 'deb http://ppa.launchpad.net/hlandau/rhea/ubuntu xenial main' > /etc/apt/sources.list.d/rhea.list
      14. apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 9862409EF124EC763B84972FF5AC9651EDB58DFA
      15. apt-get update
      16. apt-get install acmetool
      17. ## Setup
      18. # Explantations
      19. echo
      20. echo
      21. echo "##############"
      22. echo
      23. echo "Now we run the Quickstart of acmetool in expert mode"
      24. echo
      25. echo "When you should select the \"Challenge Conveyance Method\" take:"
      26. echo "WEBROOT"
      27. echo "/var/www/easyscp/gui/tools/.well-known/acme-challenge"
      28. echo
      29. echo "##############"
      30. echo
      31. # Now we start the setup-process
      32. acmetool quickstart --expert
      33. # Rights
      34. chown vu2000:vu2000 /var/www/easyscp/gui/tools/.well-known -R
      35. service apache2 reload
      36. # Final Explantations
      37. echo "So for EasySCP users simply symlink your certificates and keys from /etc/ssl/certs and /etc/ssl/keys to the proper dir in /var/lib/acme/live/{domainname}"
      38. echo
      Display All

      Now you could get your certificates and link them to your /etc/ssl directory for the direct usage in EasySCP