The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Install Let's Encrypt SSL & AutoSSL Plugin

Discussion in 'Security' started by Lemmy1, Oct 20, 2016.

  1. Lemmy1

    Lemmy1 Registered

    Joined:
    Oct 20, 2016
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Dubai
    cPanel Access Level:
    Root Administrator
    I have generated a Let's Encrypt certificate and tried to use the AutoSSL plugin to install the certificate. I get the following errors in the AutoSSL log:

    I have been following these instructions: [How-To] Installing SSL from Let's Encrypt

    I installed the Let's Encrypt client and generated an SSL:

    Code:
    rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
    rpm -ivh https://rhel6.iuscommunity.org/ius-release.rpm
    yum -y install git python27 python27-devel python27-pip python27-setuptools python27-virtualenv --enablerepo=ius
    cd /root
    git clone https://github.com/letsencrypt/letsencrypt
    cd /root/letsencrypt
    sed -i "s|--python python2|--python python2.7|" letsencrypt-auto
    ./letsencrypt-auto --verbose
    
    cd /root/letsencrypt
    ./letsencrypt-auto --text --agree-tos --email email@domain.com certonly --renew-by-default --webroot --webroot-path /home/cPanelUser/public_html/ -d domain.com -d www.domain.com
    The next instruction is to enter a script via the API to auto install the SSL. At this point I tried to use the Auto SSL plugin to do the job and got the above errors. What steps do I need to take to get my SSL installed?

    (I am on CentOS 6.8, cPanel 11.58.0.32)
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,618
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. Lemmy1

    Lemmy1 Registered

    Joined:
    Oct 20, 2016
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Dubai
    cPanel Access Level:
    Root Administrator
    Yes I installed the AutoSSL plugin (but after manual install of Let's Encrypt client and generating SSL). I am getting the error log:

    Code:
    4:53:02 AM This system has AutoSSL set to use “Let’s Encrypt™”.
    4:53:02 AM Checking websites for “user” …
    4:53:02 AM The website “website.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:53:02 AM The website “sub.website.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:53:02 AM The website “sub2.website.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:53:02 AM The system will attempt to renew SSL certificates for the following websites:
    4:53:02 AM sub.website.com (sub.website.com www.sub.website.com)
    4:53:02 AM website.com (website.com www.website.com)
    4:53:02 AM sub2.website.com (sub2.com www.sub2.com sub2.website.com www.sub2.website.com)
    4:53:05 AM WARN (XID b555pb) The system failed to create the directory “/home/user/public_html/.well-known/acme-challenge” because of an error: Permission denied
    4:53:05 AM The system has completed the AutoSSL check for “user”.
    4:53:05 AM The system has finished checking 1 user.
    Should I uninstall the Let's Encrypt client, delete the generated SSL and start again? Or is there something in my set up I can look at?
     
  4. Lemmy1

    Lemmy1 Registered

    Joined:
    Oct 20, 2016
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Dubai
    cPanel Access Level:
    Root Administrator
    Ok I have figured out the problem. The permissions for the 'well-known' directory were set to root instead of the user. Have changed these and now the certificates have been issued
     
    Infopro likes this.
Loading...

Share This Page