Install Let's Encrypt SSL & AutoSSL Plugin

Lemmy1

Registered
Oct 20, 2016
4
1
3
Dubai
cPanel Access Level
Root Administrator
I have generated a Let's Encrypt certificate and tried to use the AutoSSL plugin to install the certificate. I get the following errors in the AutoSSL log:

The website “domain.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.

WARN (XID rw7d9e) The system failed to create the directory “/home/user/public_html/.well-known/acme-challenge” because of an error: Permission denied
I have been following these instructions: [How-To] Installing SSL from Let's Encrypt

I installed the Let's Encrypt client and generated an SSL:

Code:
rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
rpm -ivh https://rhel6.iuscommunity.org/ius-release.rpm
yum -y install git python27 python27-devel python27-pip python27-setuptools python27-virtualenv --enablerepo=ius
cd /root
git clone https://github.com/letsencrypt/letsencrypt
cd /root/letsencrypt
sed -i "s|--python python2|--python python2.7|" letsencrypt-auto
./letsencrypt-auto --verbose

cd /root/letsencrypt
./letsencrypt-auto --text --agree-tos --email [email protected] certonly --renew-by-default --webroot --webroot-path /home/cPanelUser/public_html/ -d domain.com -d www.domain.com
The next instruction is to enter a script via the API to auto install the SSL. At this point I tried to use the Auto SSL plugin to do the job and got the above errors. What steps do I need to take to get my SSL installed?

(I am on CentOS 6.8, cPanel 11.58.0.32)
 

Lemmy1

Registered
Oct 20, 2016
4
1
3
Dubai
cPanel Access Level
Root Administrator
Did you have a chance to review the blog post mentioned in that forum thread?
cPanel's Official Let's Encrypt Plugin | cPanel Blog
Yes I installed the AutoSSL plugin (but after manual install of Let's Encrypt client and generating SSL). I am getting the error log:

Code:
4:53:02 AM This system has AutoSSL set to use “Let’s Encrypt™”.
4:53:02 AM Checking websites for “user” …
4:53:02 AM The website “website.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
4:53:02 AM The website “sub.website.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
4:53:02 AM The website “sub2.website.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
4:53:02 AM The system will attempt to renew SSL certificates for the following websites:
4:53:02 AM sub.website.com (sub.website.com www.sub.website.com)
4:53:02 AM website.com (website.com www.website.com)
4:53:02 AM sub2.website.com (sub2.com www.sub2.com sub2.website.com www.sub2.website.com)
4:53:05 AM WARN (XID b555pb) The system failed to create the directory “/home/user/public_html/.well-known/acme-challenge” because of an error: Permission denied
4:53:05 AM The system has completed the AutoSSL check for “user”.
4:53:05 AM The system has finished checking 1 user.
Should I uninstall the Let's Encrypt client, delete the generated SSL and start again? Or is there something in my set up I can look at?
 

Lemmy1

Registered
Oct 20, 2016
4
1
3
Dubai
cPanel Access Level
Root Administrator
Ok I have figured out the problem. The permissions for the 'well-known' directory were set to root instead of the user. Have changed these and now the certificates have been issued
 
  • Like
Reactions: Infopro