Get other programs on QuickBox to use LE certs

https://quickbox.io/knowledgebase/get-other-programs-on-quickbox-to-use-le-certs/

Here is the procedure to get other programs using LE certs
Replace USER with your username and DOMAIN with domain

CSF:

service csf stop && service lfd stop
cp /etc/csf/ui/server.crt /etc/csf/ui/server.crt.backup
cp /etc/csf/ui/server.key /etc/csf/ui/server.key.backup
rm -f /etc/csf/ui/server.crt
rm -f /etc/csf/ui/server.key
ln -s /etc/letsencrypt/live/DOMAIN/privkey.pem /etc/csf/ui/server.key
ln -s /etc/letsencrypt/live/DOMAIN/cert.pem /etc/csf/ui/server.crt
service csf start && service lfd start

ZNC:

cp /home/znc/.znc/znc.pem /home/znc/.znc/znc.pem.backup
cat /etc/letsencrypt/live/DOMAIN/{privkey,cert,chain}.pem > /home/znc/.znc/znc.pem

Deluge:

service deluge-web@USER stop && service deluged@USER stop
sed -i -- 's/"https": false,/"https": true,/g' /home/USER/.config/deluge/web.conf
cp /home/USER/.config/deluge/ssl/daemon.cert /home/USER/.config/deluge/ssl/daemon.cert.backup
cp /home/USER/.config/deluge/ssl/daemon.pkey /home/USER/.config/deluge/ssl/daemon.pkey.backup
rm -f /home/USER/.config/deluge/ssl/daemon.cert
rm -f /home/USER/.config/deluge/ssl/daemon.pkey
cat /etc/letsencrypt/live/DOMAIN/privkey.pem > /home/USER/.config/deluge/ssl/daemon.pkey
cat /etc/letsencrypt/live/DOMAIN/cert.pem > /home/USER/.config/deluge/ssl/daemon.cert
chmod 0644 /home/USER/.config/deluge/ssl/daemon.pkey
chmod 0644 /home/USER/.config/deluge/ssl/daemon.cert
service deluge-web@USER start && service deluged@USER start

Now edit crontab to overwrite znc and deluge certs after renewal

echo "cat /etc/letsencrypt/live/DOMAIN/{privkey,cert,chain}.pem > /home/znc/.znc/znc.pem" >> /home/USER/le-post-hook.sh
echo "cat /etc/letsencrypt/live/DOMAIN/privkey.pem > /home/USER/.config/deluge/ssl/daemon.pkey" >> /home/USER/le-post-hook.sh
echo "chmod 0644 /home/USER/.config/deluge/ssl/daemon.pkey" >> /home/USER/le-post-hook.sh
echo "cat /etc/letsencrypt/live/DOMAIN/cert.pem > /home/USER/.config/deluge/ssl/daemon.cert" >> /home/USER/le-post-hook.sh
echo "chmod 0644 /home/USER/.config/deluge/ssl/daemon.cert" >> /home/USER/le-post-hook.sh
chmod +x /home/USER/le-post-hook.sh

Now edit crontab with crontab -e and contents:

30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew --post-hook "sudo /home/USER/le-post-hook.sh" >> /var/log/le-renew.log
4 Likes

Hi,

Thanks for the wiki!

I managed to install the LE certificate sucessfully for Deluge but I’m wondering if the crontab command for auto-renewal is compatible with the current state of the script?

“30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew --post-hook “sudo /home/USER/le-post-hook.sh” >> /var/log/le-renew.log”

This doesn’t work if installing LetsEncrypt through “box install letsencrypt”, right? I can’t seem to find “letsencrypt-auto” in /opt/letsencrypt

sudo crontab -l

It should automatically be there if you used the box installer for it.

When editing the BTSync config.json, a comma needs to be added at the end of the above line of the lines being added. This wasn’t mentioned in the Wiki and some may not know. :grin:

Hi,

my box is fresh install with quickbox new version. its seem i cant find letsencrypt folder.

does LE changing folder directory? anyone know that?

cat: /etc/letsencrypt/live/DOMAIN/privkey.pem: No such file or directory
cat: /etc/letsencrypt/live/DOMAIN/cert.pem: No such file or directory
cat: /etc/letsencrypt/live/DOMAIN/chain.pem: No such file or directory

tqvm

Is there a way to adjust plex to use https with the LE certificates?

what would be the crontab for renewing these certs, using the updated way of installing letsencrypt with box install letsencrypt since now there is no /etc/letsencrypt or /opt/letsencrypt

I managed to use the certs using:

cat /etc/apache2/ssl/certs/domain.com-ssl.key > /home/main/.config/deluge/ssl/daemon.pkey
cat /etc/apache2/ssl/certs/domain.com-ssl.pem > /home/main/.config/deluge/ssl/daemon.cert
cat /etc/apache2/ssl/certs/{domain.com-ssl.key,domain.com-ssl.pem} > /home/znc/.znc/znc.pem

But I can’t figure a way to have them auto renew.
I’d appreciate an update on your tutorial. Thanks.