Free SSL for VestaCP on CentOS

cd /usr/local
yum install git -y
git clone
git clone
mkdir -p /etc/letsencrypt/webroot
ln -s /usr/local/letsencrypt-vesta/letsencrypt.conf /etc/httpd/conf.d/letsencrypt.conf
ln -s /usr/local/letsencrypt/letsencrypt-auto /usr/local/bin/letsencrypt-auto
ln -s /usr/local/letsencrypt-vesta/letsencrypt-vesta /usr/local/bin/letsencrypt-vesta
service httpd restart
letsencrypt-vesta admin


git clone
cd letsencrypt
sudo apt-get install build-essential libssl-dev libffi-dev python-dev python-pip
pip install -U cffi
pip install cryptography --upgrade
./letsencrypt-auto --help
./letsencrypt-auto certonly --standalone -d -d

Useful Info:

/usr/local/bin/letsencrypt-auto certonly -a webroot –renew-by-default –webroot-path /home/YOUR_VESTA_USERNAME/web/DOMAIN_GOES_HERE/public_html -d DOMAIN_GOES_HERE

Renew Certificate
/usr/local/bin/letsencrypt-auto renew

cat /etc/letsencrypt/live/DOMAIN_GOES_HERE/cert.pem
Copy contents into “SSL Certificate” field.

cat /etc/letsencrypt/live/DOMAIN_GOES_HERE/privkey.pem
Copy contents into “SSL Key” field.

cat /etc/letsencrypt/live/DOMAIN_GOES_HERE/fullchain.pem (chain.pem leads error that Android Chrome gives error Untrusted Web Site)
Copy contents into “SSL Certificate Authority” field.

Or copy to: /home/admin/conf/web/

VestaCP Login Panel SSL:

cp /etc/letsencrypt/live/DOMAIN_GOES_HERE/cert.pem /usr/local/vesta/ssl/certificate.crt
cp /etc/letsencrypt/live/DOMAIN_GOES_HERE/privkey.pem /usr/local/vesta/ssl/certificate.key
service vesta restart


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s