cpanel using third-party SSL(letsencrypt)Unofficial plug-ins
Plug it seems to look at the details of the official fee,We only for testing, please visithttps://letsencrypt-for-cpanel.com/pricing Site description is a trial 72 hours,It can also be issued after 72 hours you can try.
Third-party SSL connection installation tutorial https://letsencrypt-for-cpanel.com/docs/for-admins/installation/
1.Increase the installation source
wget https://cpanel.fleetssl.com/static/letsencrypt.repo -O /etc/yum.repos.d/letsencrypt.repo
2.Install the software update
yum -y install letsencrypt-cpanel
3.After installing the self-test
le-cp self-test
The following is the implementation process
[root@ireland ~]# yum -y install letsencrypt-cpanel Loaded plugins: fastestmirror, universal-hooks Loading mirror speeds from cached hostfile * EA4: 91.197.228.252 * cpanel-addons-production-feed: 91.197.228.252 * cpanel-plugins: 91.197.228.252 * base: ftp.tsukuba.wide.ad.jp * extras: ftp.tsukuba.wide.ad.jp * updates: ftp.tsukuba.wide.ad.jp EA4 | 2.9 kB 00:00:00 cpanel-addons-production-feed | 2.9 kB 00:00:00 cpanel-plugins | 2.9 kB 00:00:00 base | 3.6 kB 00:00:00 extras | 2.9 kB 00:00:00 letsencrypt-cpanel | 2.9 kB 00:00:00 mysql-connectors-community | 2.5 kB 00:00:00 mysql-tools-community | 2.5 kB 00:00:00 mysql57-community | 2.5 kB 00:00:00 updates | 2.9 kB 00:00:00 (1/2): letsencrypt-cpanel/primary_db | 5.7 kB 00:00:00 (2/2): cpanel-plugins/x86_64/primary_db | 30 kB 00:00:00 Resolving Dependencies –> Running transaction check —> Package letsencrypt-cpanel.x86_64 0:0.15.1-1 will be installed –> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================================================================================================================= Package Arch Version Repository Size ============================================================================================================================================================================================================================================================= Installing: letsencrypt-cpanel x86_64 0.15.1-1 letsencrypt-cpanel 5.1 M Transaction Summary ============================================================================================================================================================================================================================================================= Install 1 Package Total download size: 5.1 M Installed size: 14 M Downloading packages: letsencrypt-cpanel-0.15.1-1.x86_64.rpm | 5.1 MB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction *** By running this installer, you indicate that you have read the end-user licence agreement (https://cpanel.fleetssl.com/eula) and agree to all of its terms, as stated. *** Running installer as root OS version OK cPanel version OK No licence file detected at /etc/letsencrypt-cpanel.licence Fetching new trial licence … Licence file present Redirecting to /bin/systemctl stop letsencrypt-cpanel.service Failed to stop letsencrypt-cpanel.service: Unit letsencrypt-cpanel.service not loaded. FleetSSL cPanel service daemon stopped Installing : letsencrypt-cpanel-0.15.1-1.x86_64 1/1 This server has self-signed service certificates It is not safe to operate this plugin in this circumstance ‘insecure’ is being added to /etc/letsencrypt-cpanel.conf If you wish to generate a Let’s Encrypt cert for the server Please read the configuration documentation on our website, at https://cpanel.fleetssl.com/docs/service-certificates/ Config written to /etc/letsencrypt-cpanel.conf Uninstallation of existing service failed (it’s OK) Installed init scripts. Copied plugin files OK Installing cPanel paper_lantern plugin (may take a minute) … cPanel Plugin installer succeeded OK Installed chkservd scripts Added apache pre virtualhost global include Set cpanel tweak settings — Installation complete — The plugin should now be available in the cPanel feature manager Will rebuild conf and restart Apache to reload AutoSSL DCV URLs Rebuilding Apache conf and restarting now … Built /etc/apache2/conf/httpd.conf OK Verifying : letsencrypt-cpanel-0.15.1-1.x86_64 1/1 Installed: letsencrypt-cpanel.x86_64 0:0.15.1-1 Complete! [root@ireland ~]# le-cp self-test [SELF-TEST] Has valid licence ………… SUCCESS. [SELF-TEST] Can read config ………… SUCCESS. [SELF-TEST] Can connect to Let’s Encrypt ………… SUCCESS. [SELF-TEST] Can talk to WHM API ………… SUCCESS. [SELF-TEST] Can talk to plugin RPC ………… SUCCESS. [SELF-TEST] System tuning correctness ………… SUCCESS. [root@ireland ~]#
5.Here is the method https://letsencrypt-for-cpanel.com/docs/for-admins/autossl/
1.About automatic issuance( AutoSSL )
The plugin can provide "AutoSSL" type of function。
Disabled by default。
If you enable,It every 12 hours (after the renewal processing is completed):
- Find a web hosting meets the following criteria
- No valid certificate (not self-signed and has not expired within the next 48 hours)
- All collected by the DCV (domain control validation) checks domain,And add a certificate to all domain by plug-ins
- DCV failed field will be automatically skipped
- Exceeds "Encryption" certificate rate limit (i.e., the name of each certificate 100+)
- Repeated failure of the domain will eventually cease to retry,But always send them via UI.
Enable / Disable
启用(推荐)
[root@~]$ le-cp autossl enable
禁用
[root@~]$ le-cp autossl disable5.Issued manually(If you find that the certificate expired,First of all to remove the certificate
(Home »SSL/TLS »Manage SSL Hosts
6.Then use the command issued to SSH:
le-cp ssl --user=用户名 issue abc.com www.abc.com成功例子:
[root@ireland ~]# le-cp ssl --user=drma**** issue drmartens*******.fi www.drmartens*******.fi
INFO[0011] 1 certificates were returned
INFO[0011] Domain: drmartens*******.fi
INFO[0011] Requested AltNames: [drmartens*******.fi www.drmartens*******.fi]
INFO[0011] Expiry: 2020-05-12 21:49:45 -0400 EDT
INFO[0011] URL: https://acme-v02.api.letsencrypt.org/acme/order/78038503/2315490342
INFO[0011] Cert ID: drmartens*******_fi_d2ae8_3e4c3_1589334585_c28571a4e7223c826fa6ba29749bb59a
INFO[0011] Key ID: d2ae8_3e4c3_73dbff3b435eb636c6faf1f391287465
INFO[0011] Actual DNS Names on Certificate: [drmartens*******.fi www.drmartens*******.fi]Permalink Comments off
