CyberPanel

cyberpanelletencrypt-or-zerossl.png

Debugging certificate requesting issues when a self-signed certificate is created instead.

Run from SSH:

/root/.acme.sh/acme.sh --issue -d <YOUR_DOMAIN> -d www.<YOUR_DOMAIN> --cert-file /etc/letsencrypt/live/<YOUR_DOMAIN>/cert.pem --key-file /etc/letsencrypt/live/<YOUR_DOMAIN>/privkey.pem --fullchain-file /etc/letsencrypt/live/<YOUR_DOMAIN>/fullchain.pem -w /home/<YOUR_DOMAIN>/public_html --force --debug

 

You might find these lines of warning showing in a slightly different color [depending on your ssh terminal]:

[Friday 07:07:2021 00:00:11 PM UTC] No EAB credentials found for ZeroSSL, let's get one
[Friday 07:07:2021 00:00:11 PM UTC] acme.sh is using ZeroSSL as default CA now.
[Friday 07:07:2021 00:00:11 PM UTC] Please update your account with an email address first.
[Friday 07:07:2021 00:00:11 PM UTC] acme.sh --register-account -m [email protected]
[Friday 07:07:2021 00:00:11 PM UTC] See: https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-C

 

New CyberPanel 2.1+ has switched suddenly to use of zerossl as the default certificate authority instead of LetsEncrypt certificate authority.
This will likely limit your ssl certificate freedom as it is likely just acting as a third party between you and LetsEncrypt.org, to put a cap on and charge you when you reach a certain number of certificates for your cyberpanel deployment.

If you're ok with zerossl acting as default and go-between run the command the debugger recommended, substituting [email protected] with your actual email address:

/root/.acme.sh/acme.sh --register-account -m [email protected]

 Or change the default back to the legitimately preferred certificate authoritive LetsEncrypt, running this command:

/root/.acme.sh/acme.sh --set-default-ca --server letsencrypt
[Friday 07:07:2021 00:00:11 PM UTC] Changed default CA to: https://acme-v02.api.letsencrypt.org/directory

 

Tags: