search

plesk / letsencrypt-plesk

Let’s Encrypt extension for Plesk gives all Plesk users the power to get a free Let’s Encrypt certificate with just a couple of clicks.
https://www.plesk.com/extensions/letsencrypt/
180 stars 25 forks source link

Certificates are not present in the .../letsencrypt/etc/live/domain.ext #159

Closed geoffgom closed 7 years ago

geoffgom commented 7 years ago

Since I updated to version 2 and for newly added domains, I don't find domain.ext in the directory (/usr/local/psa/var/modules/letsencrypt/etc/live/) anymore. I am using the version 2.0.1 of the letsencrypt plugin in plesk 17.0.17.

rkosolapov commented 7 years ago

Hello. Could you please tell us what scenario you want to enable with those files?

geoffgom commented 7 years ago

I am using those files in an taylor made apache config file (in a Ruby on Rails context). It is quite convenient to be able to references those (also thanks to the symlink) without having to update the apache config on every certificate refresh. Regards

rkosolapov commented 7 years ago

Ok, in general the case is clear, thank you. We plan to solve the issue in one of the upcoming releases.

amavarick commented 7 years ago

I would like the link as well for OCSP stapling. Would you ensure the full chain cert is included? On Apr 3, 2017, at 3:27 AM, rkosolapov notifications@github.com<mailto:notifications@github.com> wrote:

Ok, in general the case is clear, thank you. We plan to solve the issue in one of the upcoming releases.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/plesk/letsencrypt-plesk/issues/159#issuecomment-291067709, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AT8yMC9JzrEjN2-KEAb41Geam4GAbwzGks5rsJ9GgaJpZM4MwZn7.

rkosolapov commented 7 years ago

Hi, amavarick.

Yes, we plan to provide the full chain cert (as it was in certbot) so it should be suitable for OSCP stapling.

rkosolapov commented 7 years ago

2.0.2 released, check it out :)

amavarick commented 7 years ago

Permissions error referencing the letsencrypt certificates from within Plesk, nginx additional directives. Note: mydomain.tld was changed from actual folder name.

2017/04/06 11:16:24 [emerg] 9790#0: SSL_CTX_load_verify_locations("/usr/local/ps a/var/modules/letsencrypt/etc/live/mydomain.tld/chain.pem") failed (SSL: e rror:0200100D:system library:fopen:Permission denied:fopen('/usr/local/psa/var/m odules/letsencrypt/etc/live/mydomain.tld/chain.pem','r') error:2006D002:BI O routines:BIO_new_file:system lib error:0B084002:x509 certificate routines:X509 _load_cert_crl_file:system lib)