Installs SSL/HTTPS certificates via letsencrypt for all domains.
Rating: 8 (Another run of the mill php script) Project Time: 2015-12-05-2015-01-16: 10 hours Languages: PHP Requirements: Web Server or Root command line access; Letsencrypt command line executable;
cPanel (Any of these can be switched out with other services) Downloads: Source (See any updates below for prior versions) Sections: Information, Content, Updates, Comments
Only looks in a single apache config file, which includes all VirtualHost configurations
Using a cPanel script called “whmapi1” to install the certificates
UTF-8 is assumed for all strings (this is generally the default anyways)
Examples
Basic Example
On a cPanel system, this will add SSL certificates for all domains on the same IP as example.com, with each DocRoot/VHost having a different certificate
I actually had this pretty much complete a month ago, when letsencrypt first came out. I am very annoyed at myself for waiting so long to get it released.
While there are currently a lot of other solutions out there for this, I feel mine is a good generic solution that can fit any situation with all the options. That being said, sorry for including so many parameters! I'm kind of GNUish that way.
All of the defaults can also be modified in the Config.php file.
Requirements
letsencrypt must already be installed. If it is not part of the path, make sure to pass the “LECmd” parameter
If using cPanel scripts, cPanel must already be installed on the system
By default, domain VirtualHosts can only be located in a single apache configuration file. This is easily fixable with an example below for the “ApacheConfPath” parameter
This works by
Finds the IP of a given domain in the apache conf file(s)
Finds all VirtualHosts bound to that IP in the apache conf(s) and extracts all of their ServerName and ServerAlias domains
Runs all these found domains through letsencrypt to create a master certificate for the IP
Installs the certificate for each VirtualHost on the IP
Parameters
***IMPORTANT PARAMETER WARNING***
Any parameter marked as “UnsafeVar” will only be usable if the “AllowConfigOverride” PHP configuration variable is set as true/On. It is currently set as “On”
If the user is not completely trusted, this needs to be set to false; as otherwise, they can read any file or run any system command as the current user
The command to run to install HTTPS/SSL certificates
It is a PHP sprintf format string which receives 4 variables, which are, in order: 1) The Domain 2) The Certificate Data 3) The Private Key Data 4) The Certificate Authority Chain (CA) Data
When passed to sprintf, all of these variables are already escaped with quotes
What current time information to show for each log line
Must be a single parameter with flags separated by a space or comma
Can be a combination of the following flags: 1) DailyDate: Show the date before an info log line when the day has rolled over 2) Date: Show the date on every info log line 3) Time: Show the time on every info log line
The timestamp is never given when the help screen is invoked
Default: DailyDate,Time
-o
--coloring-type
ColoringType
Whether to color output using: xterm, html, none
If set to “UseInterfaceType”, it is set to either html or xterm, depending on the interface you are using
If an invalid value is given, “none” is assumed
Default: UseInterfaceType
-b
--distribution
Distribution
The combination of domains for created certificates. The values can be:
1) GivenDomainOnly: Only create a certificate for the domains whose vhost-document-root-path matches that of the given domain
For all virtual host domains, including aliases, that are on the IP of the given domain:
2) AllInOne: Include all domains in a single certificate via SAN (Subject Alternative Names)
3) SeparateVHosts: Create a separate certificate for each vhost-document-root-path (Also uses SAN)
Default: SeparateVHosts
-u
--url-encode-prms
URLEncodePrms
BOOL
If true, the parameters passed to “SSLInstallCmd” need to be URL encoded
Default: true
-f
--install-anyways
InstallAnyways
BOOL
If true, even if an error occured while creating one of the SSL certificates, the remaining certificates are installed
To add comments, please go to the forum page for this project (guest comments are allowed for the Projects, Posts, and Updates Forums). Comments are owned by the user who posted them. We accept no responsibility for the contents of these comments.