MailCleaner spam to Junk folder in Exchange
13 - 11 - 2016
v1.2.0 stable has been released!
01 - 04 - 2017

Introduction

This guide shows how to setup SolidCP to be able to utilize Lets Encrypt certificates.

 

The prerequisites are:

  • ACME Sharpe
  • IIS 7+

ACMESharp

ACMESharp is a fundamental part of our Lets Encrypt implementation. We would like to thank Eugene Bekker and the other contributors for their work on the code. If you want to find more please visit  https://github.com/ebekker/ACMESharp.

 

  1. If you have PowerShell version 3 or 4 you will need the latest Windows Management Framework which you can get from http://aka.ms/wmf5latest. If you have Version 5 please proceed to Step 2

  2. Open powershell and run: Install-Module -Name ACMESharp -AllowClobber

  3. Agree to install NuGet which is required. This is automatically installed when you agree and is provided by Microsoft.

  4. Agree to accept the PSGallery source. (If you are unsure you can download the source first by running: Save-Module -Name ACMESharp -Path ).

SolidCP Configuration

System Settings

  1. Select Configuration -> System Settings -> expand Lets Encrypt
  2. These are the settings which should be set:

Enable Let's Encrypt = Enabled

Enable Automatic Renewal of Certificates = Enabled

Scheduled automatic renewal period in Days = 60

Production Let's Encrypt Endpoint = https://acme-v01.api.letsencrypt.org

 

 

2017-03-30 16_24_49-SolidCP - System Settings

2017-03-30 16_33_38-SolidCP - Servers

IIS Provider

  1. Select Servers ->  IIS Provider (Under the server you want to configure)
  2. At the bottom of the page under Other Settings you will find:

    ACMESharp Vault Profiles path: This should be set to the path you want the ACME vault to be stored. We normally suggest:
    %SYSTEMDRIVE%\ProgramData\ACMESharp\vaultProfiles
  3.  If you are using a shared IP Set: SNI = Enabled. This will allow you to have multiple SSL websites on the same IP.
  4. Click update

Scheduled Tasks

This will renew ALL certificates on all servers and should be set by a serveradmin.
 
  1. Select Scheduled Tasks
  2. Select Add Schedules Task
  3. Set the name to something such as: LetsEncrypt SSL Renewal
  4. Task Type = LetsEncrypt SSL Renewals
  5. Select the other options as you wish.
  6. Ensure Enabled is Checked
  7. Click Save
2017-03-30 17_05_53-SolidCP - serveradmin - System - Scheduled Tasks

2017-03-30 16_39_50-SolidCP - serveradmin - Hosting Plans

Hosting Plan

  1. Go to Hosting Plans 
  2. Select the Plan you would like to edit
  3. Under Web Sites you will need to enable:

SSL from Let's Encrypt

SSL

4.Click Save

How does a user get a SSL Certificate

To create a Let's Encrypt certificate you need to go to:

  1. Go to the Website's Properties in SolidCP
  2. Select the SSL Tab
  3. Click Install a free certificate from Let's Encrypt
  4. Read and accept the TOS of Let's Encrypt
  5. Select the main domain from the drop down
  6. Select any other subject you would like to include from the right hand side
  7. Click Create and install Let's Encrypt certificate

Your SSL certificate will now be generated and installed.

Trevor Robinson
Trevor Robinson
- CTO of Key4ce.
- More then 10 years of experience with Linux and Unix.
- Open source enthusiast

Key4ce - IT Professionals :: https://www.key4ce.com

Leave a Reply