Install Letsencrypt SSL on ServerPilot Free Plan

To install Let’s Encrypt free SSL certificate with auto-renewal on your server (managed by ServerPilot), sign into your server as root and clone my script by executing this command:

sudo git clone https://github.com/rehmatworks/serverpilot-letsencrypt.git && cd serverpilot-letsencrypt && sudo mv sple.sh /usr/local/bin/rwssl && sudo chmod +x /usr/local/bin/rwssl && (crontab -l ; echo "@monthly \"sudo service nginx-sp stop && yes | letsencrypt --standalone renew &>/dev/null && service nginx-sp start && service nginx-sp reload\"")| crontab - && service cron reload

Now a command rwssl will become available for you. Just type rwssl and hit enter in your terminal (keeping yourself signed-in as root):

rwssl

You will be asked to provide some details and the SSL will be installed within a minute or two if all goes fine.


Didn’t get what I said? Below is a detailed guide.

The paid plan of ServerPilot is priced at $10 per month which allows you to enable Let’s Encrypt SSL with a single click. But if you don’t want to spend that $10 and still need to enable SSL on your apps, then you can use a simple bash script that I’ve written a few months ago. This bash script allows you to get a free SSL certificate for your domains from Let’s Encrypt. As the SSLs from Let’s Encrypt are valid for 3 months, so you have to renew the SSLs every 3 months. Don’t worry, you will not need to perform the renewal yourself as the script adds a CRON job that will renew your expiring SSLs every month.

How to Install the SSL:

In short, there are 3 simple steps to install Let’s Encrypt free SSL on your ServerPilot server:

  1. Sign in to your server as root via SSH
  2. Clone my repository from GitHub
  3. Execute the command to install the SSL

It’s that simple. You don’t need to create virtual host files or you don’t need to configure any CRON jobs for auto-renewal of the certs. Everything is automated and the script will install and configure the SSL for you.

Now let’s talk in a little depth about all this process.

First of all, sign into your server via SSH as root and execute this command:

sudo git clone https://github.com/rehmatworks/serverpilot-letsencrypt.git && cd serverpilot-letsencrypt && sudo mv sple.sh /usr/local/bin/rwssl && sudo chmod +x /usr/local/bin/rwssl && (crontab -l ; echo "@monthly \"sudo service nginx-sp stop && yes | letsencrypt --standalone renew &>/dev/null && service nginx-sp start && service nginx-sp reload\"")| crontab - && service cron reload

P.S.: In addition to new installations, existing users of the script can run this command to update their script to the latest available release.

If you get an error saying that ‘git’ command isn’t available, then you will have to install it by typing ‘apt-get install git’.

Once you will execute the command I mentioned above, the bash script will be copied to your server and will be made executable via a command rwssl. Moreover, the auto-renewal CRON job will be added as well. Now you can start installing SSL certs for your sites by executing the script like this:

rwssl

You just need to type rwssl and press enter. You will be asked to provide the necessary information and the SSL will be installed within a minute or two if all goes well.

Note: For the latest version of the script, you don’t need to execute these separate commands with arguments. Simply run the script as rwssl and it will ask you for the required info. This information is here as a reference for the users of the old script who haven’t updated their script yet.

For Main Domains (For old script):

rwssl install example.com app_name main

For Sub Domains (For old script):

rwssl install sub.example.com app_name sub

P.S.: You will have to replace the red highlighted values (domain name and app name) with real values.

Update:

I’ve updated the script recently and now you don’t need to enter the arguments on the command line. You can clone the latest version of the script to your server and then simply execute rwssl command without any arguments. You will be prompted to provide the required information and the SSL will be installed on your server within a minute.

That’s it. SSL will be installed if all goes well. In case you get any errors during all this process, ensure that you are logged in as the root user or a sudoer as well as your domain is already pointing to your server. If your domain’s DNS isn’t pointed to your server, then Let’s Encrypt will unable to verify your ownership of the domain and it will not issue the cert.

The script for this ServerPilot SSL automation is hosted at GitHub here. Don’t forget to give it a star if this helps you :). Do you have any questions? Ask below in comments.

Rehmat

A web developer, server administrator and a blogger from Gilgit-Baltistan, Pakistan.

125 Comments

You can post comments in this post.


  • Thanks Rehmat, this is the easiest SSL script for serverpilot ever!

    Matt 4 months ago Reply


    • Glad to know that you found it easy and helpful 🙂

      Rehmat 4 months ago Reply


  • Great Article…. is renewing the certificate as easy? Do you just run the install script again?

    Andrew 4 months ago Reply


    • Hi, Andrew,
      The auto-renewal is automated. You don’t need to do anything. Just install the SSL and all SSLs will be renewed automatically. The script adds a CRON job for this renewal.

      Rehmat 3 months ago Reply


      • Brilliant. Thanks again for the great article and script.

        Andrew 3 months ago Reply


  • i tried this and got message SSL should have been installed for techrobust.com with auto-renewal (via cron)
    but still the url with https:// is not working
    i pointed a record for the server the website with http working fine
    where i am wrong?

    karthikeyan 3 months ago Reply


  • /usr/local/bin/rwssl: line 144: /etc/nginx-sp/vhosts.d/websiteserver-ssl.conf: Permission denied

    karthikeyan 3 months ago Reply


    • Seems like you aren’t running the script as root or with sudo privileges. If you have the root privileges, then rerun the script and it should install the SSL on your site. Please ensure that your domain is pointing to your server directly and you aren’t using any CDN like Cloudflare etc.

      Rehmat 3 months ago Reply


  • Hi,
    I try to do this several time but when I receive the message: Checks passed, press enter to continue.. I press enter and not work anymore… Do you know why?
    Thanks for all

    Francisco Centeno 3 months ago Reply


    • Hi,
      Have you tried rebooting your server?

      Rehmat 3 months ago Reply


  • Hi,
    when I run the install command to setup SSL for a domain all I get is
    “Stopping nginx-sp: nginx-sp.
    Checks passed, press enter to continue”

    and then nothing happens, I have to restart nginx manually and there is no active SSL

    Any ideas what I’m doing wrong?

    Kris 3 months ago Reply


    • Hi,
      Please try rebooting your server and run the script. If errors persist, post the details below.

      Rehmat 3 months ago Reply


      • Hi Rehmat,
        it persists, but stucks on other step

        ***@***:~/serverpilot-letsencrypt# rwssl install ***.com *** main
        What do you want to do with Let’s Encrypt? (install/uninstall): install
        Enter your domain name (Don’t include www): ***.com
        Enter your ServerPilot app name: ***
        Is this a main domain or sub-domain? (main/sub): main
        Let’s Encrypt libs not found. Installing the libraries….
        Stopping nginx-sp: nginx-sp.
        Ready to install, press enter to continue

        *** are just for hiding domain and app

        It stucks at ready to install, nothing is happening later

        Kris 3 months ago Reply


        • Hi Kris,
          Please specify the Ubuntu version and other specs of your system and I’ll do a specific check as I’ve found several other users complaining about the same issue. Thanks!

          Rehmat 3 months ago Reply


          • Thanks, very easy to install, although I’m getting the same issue.

            Ready to install, press enter to continue

            Pressing Enter doesn’t do anything and it just hangs.

            Server is:
            Ubuntu 14.04.3
            512MB Ram
            20GB Disk

            Any ideas?

            Daniel 3 months ago


          • Hi Daniel, please clone the repo again as I’ve fixed the bugs on Ubuntu 14.x. The updated script should work without any issue now.

            Rehmat 2 months ago


          • Hi Rehmat,
            with the latest update it works 🙂

            I only have problem with one domain, it returns
            “SSL cannot be obtained at the moment. Please try again.”

            All other didn’t return any problem and SSL is working.
            Any ideas what’s wrong?

            Kris 2 months ago


          • Nevermind my previous problem,
            the error appears only if you don’t have CNAME for www 🙂
            Now it works!

            Many thanks!

            Kris 2 months ago


          • Glad to know that you made it work for you.

            Rehmat 2 months ago


  • Job for nginx-sp.service failed because the control process exited with error code. See “systemctl status nginx-sp.service” and “journalctl -xe” for details.

    This error pops up as soon a domain is added, i checked the log and nothing is created under “/etc/letsencrypt/live/……..” i played with permissions and none worked. any idea ?

    Dude 3 months ago Reply


    • Hi, did you run this as root? If yes, then no need to play with the permissions. Regarding the error, I feel that there are manually created SSL vhosts. If you have attempted to install the SSL manually before and have created vhots manually, then delete them first. Moreover, delete the let’s encrypt directory (/etc/letsencrypt) as well and then use the script to install SSLs. Everything should work smoothly.

      Rehmat 3 months ago Reply


  • This is amazing man, two thumbs up!!

    ALex 3 months ago Reply


    • Glad to know that you liked it 🙂

      Rehmat 3 months ago Reply


      • When navigating to the www. version of my website, do you know why it gives me an error in the browser of ” YOUR_DOMAIN uses an unsupported protocol.
        ERR_SSL_VERSION_OR_CIPHER_MISMATCH” ? Thanks!

        Cameron 3 months ago Reply


        • Hi Cameron, did you install the SSL by choosing ‘main’ option?

          Rehmat 3 months ago Reply


          • No I did not, installing it for sub-domains only. The WWW version of the sub-domain gets that error.

            – Alex

            Cameron 3 months ago


          • Sub-domains don’t contain www or you have to manually create the records (A, CNAME) for them. Just go ahead and choose the sub-domain option to install the SSL. Don’t enter www and all should go fine.

            Rehmat 3 months ago


  • Hy bro my Site is Already Live on linode with webuzo panel i am also integrate Cloudflare on it and install SSL certificate Generated from SSLFORFREE (.) COM but now i want to migrate mu website on Serverpilot because i am facing some minor database issues on webuzo my friend tell me that webuzo have some issue like that so i migrate my website and install your SSL script it was installed successfully but when i open my site in browser it was showing an 502 or 521 error … So my questions are is are is any SSL scirpt which i used on my website with cloudflare and the 2nd one is i know you are doing greate work in linux and u have great knowledge so please tell mai webuzo panel free version have database bugs or not my webiste have lots of images so i was get 1 or 2 times error establishing database connention error but when i restart my sql datase everything was ok so please answer my questions bro thanks

    Nouman 3 months ago Reply


    • Hi Nouman, don’t use Webuzo, I don’t recommend it. Use ServerPilot and you will get a robust environment. To use the SSL script, you need to disable CloudFlare first and point your domain (DNS) directly to your server as Let’s Encrypt verifies your domain’s ownership before issuing the SSL and CloudFlare has conflicts in this procedure. Once your SSL is active, you can turn CloudFlare on. Let me know either this helps or not.

      Rehmat 3 months ago Reply


      • But Rehmat bhai the Problem is that My Website Getting Daily Traffic and 30+ Real-time users … Because the Website is new and is in ranking stage Downtime is not good for it. As you Said Disable Cloud-flare and Use Server DNS, with this Website will Down for few minutes may be for hours which is not good … Please Suggest me what i do for these issues. Can i Ping u Personal on Facebook i am friend of you on FB

        Nouman 3 months ago Reply


        • There shouldn’t be any downtime at all. Just disable the CDN in cloudflare control panel and your domain’s traffic will not pass through CloudFlare. Once SSLs are configured, enabled the CDN again. This will not result in any downtime.

          Rehmat 3 months ago Reply


          • You means that Only Disable CDN from Cloud-flare ? No Need to Replace Cloud-flare Timeservers with Server Name-servers on Domain ?

            Nouman 3 months ago


  • Sorry Name-Servers*

    Nouman 3 months ago Reply


    • Yes, just disable CloudFlare

      Rehmat 3 months ago Reply


  • I tried this on a fresh ServerPilot install as root, and everything went well until I tried to restart nginx.

    Got this error “Job for nginx-sp.service failed because the control process exited with error code. See “systemctl status nginx-sp.service” and “journalctl -xe” for details.”

    $ nginx-sp gives me “nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/skipilots.com/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt/live/skipilots.com/fullchain.pem’,’r’) error:2006D080:BIO routines:BIO_new_file:no such file)”

    Any idea?

    Robby Milo 3 months ago Reply


    • Hi Robby, seems like the SSL wasn’t generated successfully. Re-run the script and it should fix the issue. If not, delete all content in /etc/letsencrypt and that should fix the issue.

      Rehmat 3 months ago Reply


  • this script worked for me thanks Rehamt.

    Basit 3 months ago Reply


    • Glad to know that it worked for you 🙂

      Rehmat 3 months ago Reply


  • Thank you Rehmat, please can you tell how to use SSL for more main/sub domain on same server where i have installed SSL as per your instruction and it is working fine for one domain.

    Regards,

    Zubair Hussain 3 months ago Reply


    • Hi Zubair,
      You can enable SSL for your all domains by executing the same (rwssl) command. Are you asking for bulk SSL install option?

      Rehmat 3 months ago Reply


  • Ready to install, press enter to continue

    Hanging on the above.
    Ubuntu 14.04.5 LTS

    Daniel 3 months ago Reply


  • I’ve tried to give this script a shot on a fresh install but it always seem to cause issues with nginx-sp for me. Everytime I try the install on my main domain I get the same error as mentioned above

    “Job for nginx-sp.service failed because the control process exited with error code. See “systemctl status nginx-sp.service” and “journalctl -xe” for details.”

    After running nginx-sp -t I get this:

    nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/username/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt/live/username.com/fullchain.pem’,’r’) error:2006D080:BIO routines:BIO_new_file:no such file)
    nginx: configuration file /etc/nginx-sp/nginx.conf test failed

    I’ve tried uninstalling/reinstalling and deleting the letsencrypt directory from /etc as per above but cant get it to work. nginx-sp starts backup when I uninstall the script and restart it but I can’t restart with it installed unforuantely.

    Anything else I could try?

    Dee 3 months ago Reply


    • Can you please clone the repo again and try the updated script? I’ve addressed some bugs and it should now work for you.

      Rehmat 2 months ago Reply


  • I could give you the biggest hug right now!! This was THE EASIEST script EVER!!

    erika 2 months ago Reply


    • Glad to know that you found it to be easy 🙂

      Rehmat 2 months ago Reply


  • Thank you for this script. While I can use your script to create a cert for a sub-domain, when I try to do so from my main domain, I get this error: SSL cannot be obtained at the moment. Please try again.

    Jason Pearce 2 months ago Reply


    • If it helps, I am migrating my site from server A to server B (both ServerPilot). Server A already had letsencrypt signing a cert with my domain. By chance do I have to inform letsencrypt that the domain and cert are moving from IP address A to a new IP address B? Could this be a reason why the script works on newly-created subdomains but not my main domain?

      Jason Pearce 2 months ago Reply


      • Hi Jason,
        You shouldn’t need to inform Let’s Encrypt for this change as this happens normally. Let’s Encrypt just verifies your control on the domain and if DNS has propagated fully and the domain is pointed to your new server, then a new SSL should be issued. Can you verify that the domain is fully pointed to your new server? Check for both IPv4 and IPv6 addresses and ensure that the DNS is updated. You should give this a try after some time and it should work.

        Rehmat 2 months ago Reply


        • Thank you (for the prompt reply and script). I likely did not give DNS enough time, for I wanted to limit the time the new server (Server B) was without https. This up to 48-hour DNS wait time is tricky when moving an online store from Server A to Server B. I’ll get it another shot this weekend when traffic is lighter. Since the subdomain worked and I was impatient, I bet you are right.

          Second question. In ServerPilot, you may assign more than one domain to an app (in my case, WordPress). By default, ServerPilot will create example.com and http://www.example.com. But I could also add server-b.example.com and/or dev.example.com to the same application. How would I use your script to have all of these domains within a single app within a LetsEncrypt certificate? By chance does your script “discover” all of the ServerPilot-created domains that belong to an app and include them in the Subject Alternative Name part of the cert?

          The reason I may want example.com, http://www.example.com, and dev.example.com all associated with the same WordPress site and ServerPilot app is that I could configure CloudFlare DNS to protect example.com and http://www.example.com, but not dev.example.com. That lets me test things with and without CloudFlare security features quite easily. I understand this may be an unusual and complex request that is beyond the scope of your script and what you’re trying to provide. Just thought I’d ask.

          Again, thanks for creating and sharing your work.

          Jason Pearce 2 months ago Reply


          • The DNS propagation time shouldn’t be 48 hours as it propagates quickly these days. One more thing, were you using CloudFlare when you attempted to obtain the SSL? If yes, then that’s the issue. Just pause CloudFlare and activate it again after the SSL is issued. If all this doesn’t work, then you can simply copy the issued SSL (cert files) from your old server to the new server manually. Regarding multiple domains for an app and Let’s Encrypt, currently, my script doesn’t discover the domains but you can execute it multiple times for each domain (providing the same app name) to obtain SSLs. I hope this helps.

            Rehmat 2 months ago


  • Hello! Installing for a subdomain tells me “SSL can not be obtained at the moment. Please try again.” I am doing something wrong? Thank you!

    Carina 2 months ago Reply


    • Hi Carina, are you using some sort of CDN like CloudFlare or the DNS is propagated? Check and confirm that your sub-domains are pointed to your server directly and then try to obtain the SSL again. It should work if there aren’t any DNS related issues.

      Rehmat 2 months ago Reply


  • Hello there!

    When I try to activate for a site, it says

    “Ready to install, press enter to continue”

    When I press enter, it stucks and nothing happens. My nginx-sp remain inactive until i manually restart it.

    İlter 2 months ago Reply


    • Hi İlter, did you use the most-recent script from GitHub? The latest update should fix all issues like you mention.

      Rehmat 2 months ago Reply


    • Same here. Cant get it to do anything.

      Craig Lovell 2 months ago Reply


      • Hi Craig,
        Can you please mention the specs of your server?

        Rehmat 2 months ago Reply


  • Hello,

    I have tried using your code but getting error after running the script “SSL cannot be obtained at the moment. Please try again.”

    I am running serverpilot WordPress App in Digitalocean Server and Logged in as root.

    Any suggestions what I might be missing?

    Thanks in Advance for the amazing script !! 🙂

    Abhishek Rijal 2 months ago Reply


    • Hi Abhishek,
      Are you using any sort of CDN like CloudFlare? This seems to be a DNS related issue.

      Rehmat 2 months ago Reply


  • Hi, Thanks for the script 🙂

    How to remove SSL and your script after it has been installed and ssl has been configured? Basically, how to revert all the changes caused by your script?

    Divij 2 months ago Reply


    • Hi Divij,
      The script just installs the official Let’s Encrypt libs if not found. Apart from that, virtual hosts are added for your domains. If you want to completely remove the script and all its changes, first of all, remove letsencrypt by executing apt remove letsencrypt after that, exeute the command rwssl, choose uninstall as option and uninstall your installed SSLs. Lastly, delete the script from /usr/local/bin/rwssl and that’s it.

      Rehmat 2 months ago Reply


      • Thanks for your prompt reply. I am using a previous version of the script. To update the script so that I have the latest version, I just need to enter the following command, right?

        sudo git clone https://github.com/rehmatworks/serverpilot-letsencrypt.git && cd serverpilot-letsencrypt && sudo mv sple.sh /usr/local/bin/rwssl && sudo chmod +x /usr/local/bin/rwssl && (crontab -l ; echo “@monthly \”sudo service nginx-sp stop && yes | letsencrypt –standalone renew &>/dev/null && service nginx-sp start && service nginx-sp reload\””)| crontab – && service cron reload

        Divij 2 months ago Reply


        • Yes, just run this command and the updated script should work perfectly on your server. There were some issues on Ubuntu 14.x with the older version of the script.

          Rehmat 2 months ago Reply


          • I am using a previous version of the script on my Ubuntu 16.04 install and it seems to be working fine. Do you suggest updating to the latest version? Will there be any changes in terms of functionality if the existing old script is working fine? You can see the exiting version of the script I am using here- http://textuploader.com/dl3ua

            Divij 2 months ago


          • On Ubuntu 16.04, the older script should be fine but I recommend you to pull the updated one as I’ve improved it considerably. In addition, the new script is simpler in terms of usage as well where you just need to type rwssl and then you will be prompted to enter the required information.

            Rehmat 2 months ago


  • Will update, Thanks again 🙂

    Divij 2 months ago Reply


  • Thanks for this amazing tip. For some reason, I ran into a problem at the end of the installation. I’m not sure if it has something to do with a Cloudflare (Full strict). Server is Ubuntu Xenial (16.04 latest).

    Error:

    “Ready to install, press enter to continue

    SSL cannot be obtained at the moment. Please try again.”

    Any tips?

    Mrks 2 months ago Reply


    • Hi,
      Yes, it’s because of CloudFlare as the domain is pointing to CloudFlare server. You will have to pause CloudFlare while obtaining the SSL and activate CloudFlare again once Let’s Encrypt issues the SSL. I hope this helps.

      Rehmat 2 months ago Reply


  • Hi Rehmat, I have the same problem, its giving me a SSL cannot be obtained at the moment. Please try again later error. I am not running cloudflare and did an nslookup and DNS is propagated correctly. Is there something else I should try? I am running a vps on digitalocean

    Alex 2 months ago Reply


    • Hi Alex, can you verify that both www and non-www versions of the domain point to the server properly?

      Rehmat 2 months ago Reply


      • That was it Rehmat! I forgot to add the non-www version. A million thanks!

        Alex 2 months ago Reply


        • You are welcome! Glad to know that you sorted it out 🙂

          Rehmat 2 months ago Reply


  • Hello omg this work 100% , lo uso en mis 2 pagianas que tienen mas de 3millones de visitas mensuales ya no tengo que pagar mas por ssl gracias!!!

    abner 2 months ago Reply


    • Glad to know that it worked for you 🙂

      Rehmat 2 months ago Reply


  • this is the best way to install ssl on serverpilot…

    it’s so good that it’s even easier than paid plan on serverpilot and even if i am on paid plan, i am using this script.

    thank you so much!

    Sanket Patel 2 months ago Reply


    • Thank you for your amazing appreciation Sanket 🙂 Glad to know it helped you.

      Rehmat 2 months ago Reply


  • I had used your guide to install SSL in my site.
    Now to renew what exactly should I do? I think the command that has been mentioned here in the blog is for installing the same with auto renewal.
    Please guide.

    Rajib 2 months ago Reply


    • Hi Rajib, simply clone the new script and it will add the auto-renewal job. All SSLs will be renewed in future. If any SSLs need to be renewed urgently, follow these steps:

      Stop Nginx:
      service nginx-sp stop
      Renew the SSL:
      letsencrypt renew
      Restart Nginx:
      service nginx-sp start && service nginx-sp reload

      Rehmat 2 months ago Reply


      • Thanks Rehmat, for your help. I had used manual steps while adding SSL in my site earlier. This time I have tried SSH to root then CD certbot and executed your command mentioned in the blog, then rwssl. It returned a response stating my SSL is on auto renewal already. Which is good. However this expires today so need to wait and watch if this gets taken care of else I will try your advice in the reply as you’ve mentioned.
        Any input for the time being for me?

        Rajib

        Rajib 2 months ago Reply


        • Yes, you should wait and see. If needed, run my suggested commands.

          Rehmat 2 months ago Reply


      • I do this command, for several domain it’s success but i got 1 error. It says

        2017-12-09 10:05:37,732:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/fabrikasi.co.id.conf produced an unexpected error: ‘server’. Skipping

        i already try using rwssl install command but still failed, what should i do?

        M. Rasyid 1 month ago Reply


        • Hi M. Rasyid, seems like the SSL was installed previously. Deleting everything from /etc/letsencrypt and then installing the SSL for each domain using rwssl command should address all issues.

          Rehmat 1 month ago Reply


  • Thanks for the script. It installed correctly, but the websites do not seem to default to https, User has to manually navigate to https version. Is there a way to force use/redirect https?

    Dlr 1 month ago Reply



    • Sorry for the late reply. I see that you have found a solution. BTW I’ll implement this feature in the next update so users will not need to do this redirect separately and manually.

      Rehmat 1 month ago Reply


  • Thank you Rehmat! That was a smooth install.

    Any chance of incorporating forcing HTTPS redirects in the near future?

    Sam 1 month ago Reply


    • Hello Sam, glad to know that you were able to install the SSLs easily using this script and thanks for asking about the HTTPS redirection option. I’ll implement this in next update.

      Rehmat 1 month ago Reply


  • BRILLIANT script — thank you so much for this! This worked without a hitch for me.

    As a side note, though, if my window’s scrunched, the placeholder for the previous message reads “What is the sum of 1 an” … an argument for labels on top if ever there was one ;-D

    Jeremy Carlson 1 month ago Reply


    • Hi Jeremy, glad to know that you found it helpful 🙂 And thanks for the issue related to spam check question. I will fix that now 🙂

      Rehmat 1 month ago Reply


  • Hi Rehmat, i just want to say thank you, this script is awesome and help a lot, save time and money. I just clone, run and ready with SSL. Thank you again.

    Harold Crow 1 month ago Reply


    • You are welcome Harold. Glad to know that you found it useful.

      Rehmat 1 month ago Reply


  • Hey Rehmat,

    I logged in as a root user, cloned it and rwssl but it still hasn’t changed anything when type in my domain name on google.

    Do I need to do something on my DNS or something or should it just work?

    Jonny green 1 month ago Reply


    • Nevermind, it worked but when i type in my domain how do i make sure it forces to https everytime?

      Johnny Green 1 month ago Reply


      • Hi Johnny,
        You don’t need to modify the DNS. To force the HTTPs, some rules need to be added to .htaccess file of your server. In next update of the script, I’ll add a feature so the HTTPS redirection will be enabled directly in nginx vhost. For now, you can find a lot of guides on how to force https via .htaccess file.

        Rehmat 1 month ago Reply


  • Hey!
    Thanks for the script!

    I’m having a problem installing it; it says
    The app name seems invalid as we didn’t find its directory on your server

    but the appname that I’m using is correct.

    What could I do wrong?

    Fred Dre 1 month ago Reply


    • Hi Fred, maybe the app is owned by any user other than serverpilot? The script assumes that your directory exists under ‘serverpilot’ user. For example if your app name is myapp, then the script will look for the directory at /srv/users/serverpilot/apps/myapp.

      Rehmat 1 month ago Reply


  • With this script the http2 doesn’t seem to be working… any ideas on that?

    Arthur Foulidis 1 month ago Reply


    • Hi Arthur, thanks for pointing out this. I’ve updated the script and now it supports HTTP2.

      Rehmat 1 month ago Reply


      • Hi and thank you so much just for replying.
        Can you please tell me if there are any actions I should take to enable http2 on already excising servers?

        Best regards,
        Arthur.

        Arthur Foulidis 1 month ago Reply


        • There are two possibilities, if you are using my script then you can delete the ssl vhosts for all domains (just SSL vhosts in /etc/nginx-sp/vhosts.d/), delete /etc/letsencrypt/ directory and then reinstall SSLs using rwssl command. Or if you want to modify the vhosts manually, then edit the SSL vhosts and add http2 like this:
          Change:

          listen 443 ssl;
          listen [::]:443 ssl;
          

          To:

          listen 443 ssl http2;
          listen [::]:443 ssl http2;
          

          After making these changes, you will have to reload nginx by running service nginx-sp reload

          Rehmat 1 month ago Reply


  • jazakallah for the awesome share brother. I would really really appreciate if you could help us creating an SSL certificate with auto-renewal for RunCloud & also how to add FTP users as well. Thanks so much.

    Abdul 1 month ago Reply


    • Hello Abdul,
      I’ll check into this. Thanks!

      Rehmat 1 month ago Reply


  • I get the error
    SSL cannot be obtained at the moment. Please try again.

    what’s this?

    Tobi 1 month ago Reply


    • Ensure that you aren’t using any proxy like CloudFlare as well as both www and non-www versions of your domain are pointed to your server.

      Rehmat 1 month ago Reply


  • Will this work on runcloud?

    Faizan 2 weeks ago Reply


    • Hi Faizan,
      No, it only supports ServerPilot.

      Rehmat 2 weeks ago Reply


      • Please post for runcloud . It’s much better and faster than serverpilot according to https://quvor.com/serverpilot-vs-runcloud-wordpress/. You’ll love it too. Thanks.

        Faizan 2 weeks ago Reply


        • I’ll give it a try and will post something when I use and like it.

          Rehmat 2 weeks ago Reply


          • I agree with Faizan, runcloud will be a nice addon, thanks Rehmat for taking your time to look at it.

            Vahn 2 weeks ago


  • Does this enable http2 on the free plan? If not, what steps should I take to enable it? Thanks

    faizan 7 days ago Reply


    • Hello Faizan, yes, it enables http2 support on the free plan.

      Rehmat 7 days ago Reply


      • Thanks for replying. So that means using this, it’ll auto enable http2 right? Thank you so much.

        Faizan 7 days ago Reply


        • Yes, all new SSL sites configured by this script will support http2.

          Rehmat 6 days ago Reply


  • Hello Rehmat,

    Simple and easy to use, I love it!

    I just had an issue that hopefully you can help me to solve:
    1. I pointed my subdomain (only non-www version) with A record on cloudflare (deactivating the orange cloud) to my server IP
    2. I added the subdomain to my app on ServerPilot (it added both www and non-www)
    3. I executed your script and certificate was added without problem.
    “SSL should have been installed for xx.xx.com with auto-renewal (via cron)”
    4. I tested it on browser and it worked. I also set the .htaccess to force redirection and also was working.

    Then after couple of hours it stopped working, showing that site is not secure.

    I run the command again and created a new certificate and now is working again.

    My question is, did I made any mistake (apart from not adding the www A record). Is it normal that it stopped working, and can that happen again?

    Thank you very much!

    Alex 6 days ago Reply


    • Hi Alex,
      You don’t need to add www. That’s correct what you are doing. Regarding the invalid SSL error, that sounds strange. Maybe you removed the SSL vhost? This error should not come again unless SSL vhost is deleted or if the cert files are removed.

      Rehmat 6 days ago Reply


      • I didn’t touch anything on server after that.

        I only sent visits to my site and then I realized CTR on landing page was not right. That’s how I noticed it was not working. I’m just concerned that can happen again.

        Is testing on browser is the best way to check that all is ok?
        Shall I just do a new subdomain. Do I need the step 2) described on my previous comment ?

        Alex 6 days ago Reply


        • I did ssh as root btw, not as serverpilot user.

          Alex 6 days ago Reply


          • I don’t think you need to use another sub-domain. These errors don’t come usually. If SSL is working fine, then it should work fine always. There isn’t any automated process that’d delete the certs or vhosts.

            Rehmat 6 days ago


          • Thanks. It just happened again to the same domain.
            Do you think you can help?

            Alex 6 days ago


          • I think I know what must have been the issue.

            1st certificate was sub1.mydomain.com.
            Then I created a certificate for sub2.mydomain.com

            when I see the content of /etc/nginx-sp/vhosts.d/appname-ssl.conf it has overwritten the 1st certificate with the second.

            Does it mean I need a new app for each certificate?

            Thank you!

            Alex 6 days ago


          • Ah, you need to use a single domain or sub-domain for an app. Now decide on one sub-domain for that app, add it to the app and install the SSL. It should work fine. As the vhosts are created based on app name, so your previous vhost was overwritten with the new subdomain.

            Rehmat 5 days ago


          • Thanks, got it.

            Did serverpilot changed anything recently?
            I created 2 fresh servers today, added the domain, created the SSL and then nginx stopped working. I wrote to support and they said:

            “Hello,

            This is due to the Nginx customizations in place on the servers. Please remove them, restart Nginx, and all should be well.

            Best,”

            Alex 5 days ago


          • Maybe they have changed something. I’ll deploy a new server and will test the script there. Thanks for pointing this issue out.

            Rehmat 5 days ago


  • “Maybe they have changed something. I’ll deploy a new server and will test the script there. Thanks for pointing this issue out.”

    Please keep me updated 🙂 thx

    Alex 4 days ago Reply


  • Hi Rehmat,
    About recently security update by Let’s Encrypt,
    https://community.letsencrypt.org/t/2018-01-11-update-regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188

    Does this change affect your script ? thx

    Jun 3 days ago Reply


    • Hi Jun,
      I’m using the standalone server of Let’s Encrypt to validate a domain so this update should not affect the script. Thanks for bringing this update to my notice. I’ll check this in depth to see what they have changed.

      Rehmat 2 days ago Reply


Post A Reply