Install Lets Encrypt for cPanel DNSONLY Server


This article provides a guide for how to install Let's Encrypt for cPanel DNSONLY server.

Installation

Ensure you meet the prerequisites:

1. You will be fetching the package from our yum repository:

wget https://cpanel.fleetssl.com/static/letsencrypt.repo -O /etc/yum.repos.d/letsencrypt.repo

2. Install the package

yum -y install letsencrypt-cpanel-dnsonly

3. Wait for the certificate

The issuing and installation process should run as a post-installation step automatically, completing in your terminal within a minute or so. You should now have a valid certificate on port :2087

Usage

You typically should not need to do anything after installing the package.

 

 

How do I perform renewal?

It is automatic. Upon installation, a systemd timer is enabled, which runs twice daily. You may check its status with:

systemctl status fleetssl-dnsonly.timer
If you need to run renewal by hand for some reason, you can just run:
/usr/local/bin/fleetssl-dnsonly
I need to re-install the existing SSL certificate to my cPanel services.You can run the following:
/usr/local/bin/fleetssl-dnsonly -reinstall
I want to perform a test renewal to see whether it would work.You can run the following:
/usr/local/bin/fleetssl-dnsonly -dry-run
I got stuck and need to reset absolutely everything.

Remove the state file and run the program with the following:

rm -f /var/lib/fleetssl-dnsonly.json && /usr/local/bin/fleetssl-dnsonly

 

Customizations

Before you install the package, you can apply some customizations as described below. There are some other, advanced customizations available that are not documented here, you'll need to look in the source code if you're interested in them.

I want to include other domain names on the certificate, other than the hostname of the server.

This is possible with a comma-separated list of domains.

echo "FLEETSSL_DNSONLY_CERT_HOSTNAMES=dns1.example.org,alternate.example.org,foo.example.org" >> /etc/fleetssl-dnsonly.conf
I want to register my Let's Encrypt account with an email address so that I can receive renewal reminders in case of any issues.

Remember, you must do this before you install the package, or otherwise remove the state file as described earlier.

echo "FLEETSSL_DNSONLY_ACME_EMAIL_ADDRESS=me@example.com" >> /etc/fleetssl-dnsonly.conf
I want to change the renewal cutoff from the default of 31 days to something different.
echo "FLEETSSL_DNSONLY_RENEWAL_CUTOFF=31" >> /etc/fleetssl-dnsonly.conf
  • cpanel dnsonly, dns cluster, lets encrypt, ssl, ssl certificate, cpanel ssl install
  • 1 Utilizadores acharam útil
Esta resposta foi útil?

Related Articles

Remove a Service from ChkServd Monitoring for cPanel Servers

This guide requires root user account in server. In some circumstances, ChkservD cPanel...

Assigning a Dedicated IP Address to a Subdomain using WHM

To assign a dedicated IP address to a subdomain, perform the following steps: Step 1: Add the...

How to Uninstall Installatron in WHM cPanel Server

This guide will show you how to quickly uninstall Installatron software from WHM/cPanel server....

How to Install Installatron in WHM cPanel Server

This guide will show you how to download and install Installatron on your cPanel/WHM server. To...

How to Install Softaculous with cPanel/WHM

This guide will show you how to download and install Softaculous on your cPanel/WHM server. To...