automating SSL cert renewals

Is it possible to automate the SSL cert setup? Either through scripting or some other method?

We'd like to move to ACME to automate our SSL certs for web and FTP, but I can't seem to find out if this is possible with serv-u.

Parents
  • I forgot to update the thread, but here is how I did it. It was very easy.

    Notes:

    • I used https://www.win-acme.com/ to fetch certs from https://letsencrypt.org/
    • basically, win-acme has the ability to produce PEM files that are usable by servu as CRT and KEY files
    • the renewal process will replace the files in place and servu will pick up the new ones.
    • win-acme was installed as usual.
    • Certs for HTTP/IIS were created separately in win-acme. The process below is for the cert for the FTP subdomain only. 

    win-acme method:

    1. M - Create certificate (full)

    2. 2 - Manual input

      • ftp.mydomain.com

      • Friendly Name : ftp.mydomain.com

    3. 4 - Single Certificate

    4. 2 - Serve from memory

    5. 2 - RSA

    6. 2 - PEM

      • NOTE: The PEM files are also usable as is, with no renaming needed as crt and key files (which servu needs)

    7. Enter the Path the files will be placed into

      • ex C:\SSLCerts (or wherever)

    8. Set the password

      1. record this 

      2. you will need this later in ServU

    9. 3 - No additional steps

    10. When specifying the user to run the task, say no

    11. It will run and create the cert in the directory and set up the renewal task (if needed)

    12. To install in servU

      1. To install the cert in servU, open the ServU management console and navigate to the domain in question

      2. Go to Limits and Settings - Encryption

      3. Under SSL Certificate

        1. In the Certificate Path, add ftp.mydomain.com-crt.pem

        2. In the Private Key Path, add ftp.mydomain.com-key.pem

        3. Under password, add the password you set above

        4. Save

      4. Under SSH Private Key

        1. In the Private Key Path, add ftp.mydomain.com-key.pem

        2. Under password, add the password you set above

        3. Save

    13. Done

    Hope it helps someone.

Reply
  • I forgot to update the thread, but here is how I did it. It was very easy.

    Notes:

    • I used https://www.win-acme.com/ to fetch certs from https://letsencrypt.org/
    • basically, win-acme has the ability to produce PEM files that are usable by servu as CRT and KEY files
    • the renewal process will replace the files in place and servu will pick up the new ones.
    • win-acme was installed as usual.
    • Certs for HTTP/IIS were created separately in win-acme. The process below is for the cert for the FTP subdomain only. 

    win-acme method:

    1. M - Create certificate (full)

    2. 2 - Manual input

      • ftp.mydomain.com

      • Friendly Name : ftp.mydomain.com

    3. 4 - Single Certificate

    4. 2 - Serve from memory

    5. 2 - RSA

    6. 2 - PEM

      • NOTE: The PEM files are also usable as is, with no renaming needed as crt and key files (which servu needs)

    7. Enter the Path the files will be placed into

      • ex C:\SSLCerts (or wherever)

    8. Set the password

      1. record this 

      2. you will need this later in ServU

    9. 3 - No additional steps

    10. When specifying the user to run the task, say no

    11. It will run and create the cert in the directory and set up the renewal task (if needed)

    12. To install in servU

      1. To install the cert in servU, open the ServU management console and navigate to the domain in question

      2. Go to Limits and Settings - Encryption

      3. Under SSL Certificate

        1. In the Certificate Path, add ftp.mydomain.com-crt.pem

        2. In the Private Key Path, add ftp.mydomain.com-key.pem

        3. Under password, add the password you set above

        4. Save

      4. Under SSH Private Key

        1. In the Private Key Path, add ftp.mydomain.com-key.pem

        2. Under password, add the password you set above

        3. Save

    13. Done

    Hope it helps someone.

Children
No Data