Let's Encrypt support for ISPConfig
Latest commit be8bde7 Jul 28, 2016 @alexalouit committed on GitHub Merge pull request #52 from exmatrikulator/none_subdomain
bugfix: alias domain produce a none.domain #48
Failed to load latest commit information.
src alias domain produce a none.domain #48 May 2, 2016
.gitignore Initial commit Nov 6, 2015
README.md Update README.md May 27, 2016
_todo improvements Feb 2, 2016
apache.letsencrypt.conf bugfix Dec 1, 2015
cli.ini agree-dev-preview deprecated Dec 16, 2015
install.php Update install.php Mar 30, 2016
nginx.conf.patch bugfix Dec 1, 2015


ISPConfig Let's Encrypt

Don't use this plugin with ISPConfig 3.1 (or newer), this plugin is natively included.


Let's Encrypt installed

ISPConfig (select version in branche)

Apache or Nginx


git clone https://github.com/alexalouit/ISPConfig-letsencrypt.git
cd ISPConfig-letsencrypt
php -q install.php

After install, a new checkbox will be available in editing website, just check it.

Adjust server in /etc/letsencrypt/cli.iniif isn't https://acme-v01.api.letsencrypt.org/directory`


  • make your own backup!

  • go to dir

cd ISPConfig-letsencrypt
  • create Let's Encrypt configuration
cp ./cli.ini /etc/letsencrypt/cli.ini
  • patch ISPConfig (merge all files from ./src to /usr/local/ispconfig)
rsync -av ./src/ /usr/local/ispconfig/
  • prepare apache
cp ./apache.letsencrypt.conf /etc/apache2/conf-available/letsencrypt.conf
a2enmod headers
a2enconf letsencrypt
service apache2 reload
  • prepare nginx
patch /etc/nginx/nginx.conf < ./nginx.conf.patch
service nginx reload
  • create a cron for automatic renewal:
crontab -e
30 02 * * * /root/.local/share/letsencrypt/bin/letsencrypt renew >> /var/log/ispconfig/cron.log
  • sql queries:
ALTER TABLE `web_domain` ADD `ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n';


update Let's Encrypt

cd /root/letsencrypt
git fetch

see Let's Encrypt log

cat /var/log/letsencrypt/letsencrypt.log

see ISPConfig log

cat /var/log/ispconfig/ispconfig.log
cat /var/log/ispconfig/cron.log

remove certs

rm -r /etc/letsencrypt/archive/$domain/
rm -r /etc/letsencrypt/live/$domain/
rm -r /etc/letsencrypt/renewal/$domain.conf

re-generate cert: uncheck SSL & Let's Encrypt, save, recheck and save