Virtual server template to auto generate lets encrypt certificate

Before the mail.domain.tld issue came about, I had a Let's Encrypt certificates generated each time a virtual server was created.

I recall finding an article that showed how to modify the virtual server template code to add steps to auto-generate the certificate but I'm not sure where that article is. I no longer seem to have that functionality since updates (I guess).

Could you advise on how I can go about doing this using virtualmin?

I'd like it so that my virtual server template(s) autogenerate lets encrypt for domain.tld and www.domain.tld.

I need this because I offer my customers free certificates on all WordPress hosting plans so when they place an order, the server is created via WHM script, and the site needs to be HTTPS ready when they complete the installation.

Status: 
Active

Comments

Jamie, I'm not actually sure how to do that -- is it possible to automatically generate a Let's Encrypt SSL cert when a Virtual Server is created?

Oh I found it now, it's in System Settings -> Virtualmin Config -> SSL Settings.

Will that do what you're after h4ns3n? Or are you saying you need something based on the Server Template being used?

Yes, that seems to be it.

Thank you. I don't remember using that option but it reads as if that's what I'm looking for. I've just checked it on my server and it seems that all my settings are correctly set for auto requesting but it's not working.

I'm guessing that it still has something to do with the mail.domain.tld settings but I have since installed the latest update which fixes that.

Can you confirm how the fix works? What do I need to do on my side once the update is installed - will the certificate still generate even if it is expecting mail.domain.tld?

If I recall, the fix makes it so that if "mail.domain.tld" isn't listed in the ServerAlias line of the Apache config, it won't attempt to add that to the SSL cert.

If it is listed, it will request it.

You may want to try accesssing mail.domain.tld and see if that works or not.

Are you receiving an error of any sort during the domain creation though?

If you go into Email Messages -> Email Greylisting, you'll see options for "Whitelisted Clients" and "Whitelisted Recipients".

You could always try adding either the sending domain, or the recipient, to a whitelist so that it's not being greylisted.

Hi Eric

Can you tell me if it's possible to deploy Let's Encrypt only for specific templates, such as templates deployed with WordPress with SSL enabled. Or will it only be deployed for all sites where SSL is enabled? Or will Let's Encrypt be active for all sites as default when it's have been activated under System Settings -> Virtualmin Config -> SSL Settings.

Can you elaborate on this?

  • Tim

We're happy to help!

This particular request is about a year old and is for a different topic though... would it be possible to open a new one? We get confused easily, and that will really help us out. Thanks!