Skip to main content

CWP: How to Auto Renew Let's Encrypt SSL Certificate for your server Hostname/FQDN on CWP7.admin

Check certificate expiry time to verify that renewal has worked:
# openssl x509 -noout -dates -in /etc/letsencrypt/live/host.datahead.biz/cert.pem 
notBefore=Jan 12 13:16:11 2019 GMT
notAfter=Apr 12 13:16:11 2019 GMT
Add the Cron job
# crontab -e
0 */12 * * * certbot renew --cert-name host.datahead.biz --renew-hook "systemctl restart httpd && systemctl restart cwpsrv" 
To test the renewal process, you can use the certbot --dry-run switch:
 # certbot renew --cert-name example.com --dry-run 
If there are no errors, it means that the renewal process was successful.

Check the log:
# tail -f /var/log/letsencrypt/letsencrypt.log

n5Z5MqkYhlMI3J1tPRTp1nEt9fyGspBOO05gi148Qasp+3N+svqKomoQglNoAxU=
-----END CERTIFICATE-----

2019-01-13 02:05:42,952:DEBUG:certbot.renewal:Dry run: skipping updating lineage at /etc/letsencrypt/live/host.datahead.biz
2019-01-13 02:05:42,954:DEBUG:certbot.updater:Skipping updaters in dry-run mode.
2019-01-13 02:05:42,955:DEBUG:certbot.renewal:no renewal failures
 

Helpful Link:
https://www.onepagezen.com/letsencrypt-auto-renew-certbot-apache/
https://community.letsencrypt.org/t/how-to-automatically-renew-certificates/4393/25
https://serverfault.com/questions/790772/cron-job-for-lets-encrypt-renewal
https://dev-notes.eu/2018/05/set-up-an-automatic-letsencrypt-renewal-cronjob/

Comments

Most Popular

CWP DNS Part 1 : How to Configure DNS properly for CentOS WebPanel on CentOS 7.6

After hosting my parent domain on CWP7.admin, I am getting dns error and i'm not able access my server using my server FQDN but i can access using my server IP.
So what can i do for that problem ?

Yes, you have to fix the error .

Environment Details:
Distro Name: CentOS Linux release 7.6.1810 (Core)
CentOS-Web Panel version: CWP7.admin
CWP version: 0.9.8.757
WebServer: Apache Only
FQDN: host.datahead.biz
IP: 192.120.10.3

1.Change Hostname Permanently:
# hostnamectl set-hostname host.datahead.biz# hostnamectl Static hostname: host.datahead.biz Icon name: computer-vm Chassis: vm Machine ID: 7400071490ea4f7d931374824ad4b52c Boot ID: 6e1f2d76495d4b318c25c4a1195aa130 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-862.14.4.el7.x86_64 Architecture: x86-64 It also writes this information to the /etc/hostname file as well.
# cat /etc/hostname host.d…

CWP: How to Configure Let's Encrypt SSL Certificate for your server Hostname/FQDN on CWP7.admin

I wrote a blog on http://forum.centos-webpanel.com regarding Let's Encrypt SSL Certificate for CentOS Web Panel when "Letsencrypt Manager"  option was exist under Apache Settings >> Letsencrypt Manager >> Install Letsencrypt .

At Present CWP Team has been removed "Letsencrypt Manager"  that's why it will not renew any cert automatic . They made Auto SSL by default but Auto SSL grade is B and I'm not satisfied with Auto SSL.

Previous Article Link Install Letsencrypt SSL Certificate for your Server Hostname/FQDN, 100% Working 

N.B: I am using the below cipherlist 
https://cipherli.st/
https://mozilla.github.io/server-side-tls/ssl-config-generator/
https://wiki.mozilla.org/Security/Server_Side_TLS

So now I am writing this solution again for all of guys and I hope that it will be 100% working again on your CentOS-Webpanel as mine .

Environment Details:
CPU Model: Intel(R) Xeon(R) CPU X3440 @ 2.53GHz
CPU Details: 2 Core (2527 MHz)
Distro Name: Ce…