Tagged: 

This topic contains 19 replies, has 9 voices, and was last updated by  Webio 2 months, 2 weeks ago.

  • Author
    Posts
  • #3268
     Paul 
    Member

    No matter what I do, I cant seem to get the LetsEncrypt tab to appear.
    I have enabled it in the hosting plan quota and I am using Server 2012 R2.

    Any Ideas?

    0
    Be the first one to like this.
    Please wait...
    #3276
     James 
    Member

    Hi Paul,

    Let’s Encrypt will appear as a button under the SSL tab, if you mean that the ssl tab won’t appear

    You need to complete two tasks, install AcmeSharp on your webserver https://github.com/ebekker/ACMESharp/wiki/Quick-Start
    Complete Step 1 and 2 in that link

    The other thing is to enable SNI in IIS however this instruction confused me because SNI is enabled in IIS8 by default, what this instruction means is that you have to enable SNI inside MSP Control, go into server management and drill down to IIS on your webserver(s) and tick the SNI checkbox.

    hope this helps, I had this issue took me a couple of days to figure it out.

    James.

    0
    Be the first one to like this.
    Please wait...
    #3278
     Paul 
    Member

    Excellent – thanks James… Havent tried it yet, but certainly I havent done either of those things!!!
    Will try later and report back.

    Paul

    0
    Be the first one to like this.
    Please wait...
    #3293
     Paul 
    Member

    Having followed the above, I now get the SSL Tab. When generating a certificate for a site, I get the following in the panel:

    Error installing certificate
    Unable to create/install Lets Encrypt Certificate: Cannot import ACMESharp Powershell Module! Install ACMESharp and make sure the application pool is 64 bit.

    Im not very good with powershell, but everything did seem to install correctly (I used the chocolatey option).
    However, the lines ‘Import-Module ACMESharp’ and ‘Initialize-ACMEVault’ didnt error, but also didnt give me any indication that they had actually done anything.

    Any ideas?

    0
    Be the first one to like this.
    Please wait...
    #3517
     Paul 
    Member

    Still looking for suggestions on this one, if anyone can help?

    0
    Be the first one to like this.
    Please wait...
    #3518
     Olov Karlsson 
    Member

    Check the application pool in IIS running the MSPControl Server Component on the webserver where you are trying to create the certificate. It should say: Enable 32-bit applications: false.

    0
    Be the first one to like this.
    Please wait...
    #3519
     Paul 
    Member

    Thanks for your suggestion Olov. Unfortunately this isnt the case. My App Pool is indeed already saying that.
    Any other ideas?

    🙁

    Paul

    0
    Be the first one to like this.
    Please wait...
    #4287
     Brett 
    Member

    Similar problem here with Windows Server 2016. The SSL tab is not showing.

    There’s no option to enable SNI for this server. I compared with the MSPControl IIS options for another server running Windows Server 2012 R2, and most of the SSL settings including “Use SNI (Server Name Indication)” are just MISSING for Windows Server 2016.

    I confirmed the app pool setting, “Enable 32-bit applications” is false. Thanks!

    0
    Be the first one to like this.
    Please wait...
    #4508
     Anonymous

    I’ve had the same issue like Paul.
    Did you restart the www service? Or reboot the server.

    This fixed it for me.

    0
    Be the first one to like this.
    Please wait...
    #4509
     MSPControl 
    Keymaster

    Guys we will raise this with the developer.

    0
    Be the first one to like this.
    Please wait...
    #4510
     Anonymous

    Well – it’s worth mentioning that I installed the powershell module using “run as administrator” (for the correct powershell version) and then I had to restart the www service.
    After that it worked.

    On a side note – this feature is AMAZING!! So happy it was added to mspc.

    1
    1 person likes this.
    Please wait...
    1 user thanked author for this post.
    #4511
     MSPControl 
    Keymaster

    Bogdan, thanks for the nice comments. We’ve just started working on improving a lot of the core functionality around IIS, there are lots of things coming – I personally have ignored the IIS side of things and have focused a lot on Orgs, but due to security we’ve had to come back and work out a lot of things. We will be adding a lot of things to IIS, on Monday we will be starting a ClamAV integration to allow scanning of website files and provide quarantining abilities on files scanned. It’s only the start glad you like it.

    0
    Be the first one to like this.
    Please wait...
    #4512
     MSPControl 
    Keymaster

    Also like to mention Bodgan, we also added an automatic renewal scheduled task and notification templates in mail templates. 15 days before expiration, it will attempt automatically to renew and will notify domain owner of success or failure.

    We also added to website grid new statuses around SSL status.

    0
    Be the first one to like this.
    Please wait...
    #4525
     Anonymous

    I noticed those – And I think they are useful. At least you know in a few seconds if it’s ssl enabled or not. I also like that it works with ssl providers other than lets encrypt, and importing the ssl is 1 click away. I have a few other ssl sites, and I imported all the ssl certs into it.
    Automatic renewal – the icing on top! Seriously – this is amazing. 1 click ssl install + automatic renewal…

    Coming from a small hosting company – we only use Exchange on the hosted orgs side. Our RDP model is a little atypical, and I haven’t had the time to see if it’s feasible to incorporate it into mspc (we have about 20 separate small AD forests). I haven’t even had time to test the rds functionality that mspc provides… (embarrassing). Can I support separate AD forests or do I need to migrate all of them into the main one?? lol
    My point was that I haven’t had issues with hosted orgs, but given that you guys support SO MANY PRODUCTS, I can see why it takes the spotlight.

    ClamAV would be awesome. We also use Xeams for spamming – and they recently added ClamAV support too. This is something I will definitely configure for xeams, but maybe I can get away with a single instance for both mspc and xeams. It only gets better!

    PS – at first, after you made it into a paid product – I was like – yea, sure, they’ll cash in, and don’t do anything, and 3 years later kill it. I was already looking at other products. But now – after automatic updates, and all the products to support, including linux – this is DA BEST!

    0
    Be the first one to like this.
    Please wait...
    #4526
     MSPControl 
    Keymaster

    Thanks Bogdan, we are only beginning. I tell people all the time that for me the development here was never about the money, Virtuworks is successful because of the work we do here and we continually invest regardless, we chose to have a paid model because honestly, it’s the only way to raise more money!

    On RDS, no it’s built around the RDS Farm method, sure you could put an MSPControl Org node and RDS node on each of the sub forests like if they were full org deployments and handle it that way (which would be totally supported) but you would need a lot of virtual Servers (MSPC Control not VM) to support it. We have a cluster of 6 VM’s (3 Gateways and 3 Connection brokers) and behind them we VLAN each client Terminal server into a protected firewalled Silo and everyone is part of the same domain, so we can support a single signon. Add Office 365 module and you can single signon Office 365 from the RDS desktops it’s pretty amazing stuff. I’d also recommend checking out cloud folders, it’s been heavily developed and with the combination of RDS, it will spin up GPO managed SMB3 Shares internally, and make them WebDAV enabled outside. This means the end user ends up with two modes of access, SMB inside and WebDAV from outside. Now why WebDAV Externally? Combine it with our new desktop agent which manages the WebDAV drives and automaps them based on org user permissions to folders? See where we are headed? You can read about all the winagent features here.

    MSPControl Desktop Agent

    This is an emerging idea, so feedback with it is good. It kind of works like box. The agent will do many things other than drive mapping, the idea is to have complete user self configuration. Currently it does Cloud Folders and RDS Control panel linking.

    0
    Be the first one to like this.
    Please wait...
    #4527
     MSPControl 
    Keymaster

    Would also like to note, the winagents are to support domainless BYOB devices, they do not need to be part of any network, allowing users to roam freely.

    0
    Be the first one to like this.
    Please wait...
    #8496
     ciavarella 
    Member

    Hello,
    I am new with mspcontrol and i love it. But i have a Problem with the Lets Enrypt
    I cant see the SSL Tab after the Installing the two steps below the link:
    https://github.com/ebekker/ACMESharp/wiki/Quick-Start
    i did this step: The NEW Quick Start for version 0.9.0 can be found here.
    The Installing Ends without any error and i can see a valid certificat on iis.
    The Server is Server 2016 Standard with all updates.

    I restarted the Server but this didnt help. The SSL Tab is still missing.
    Any idea?

    Thanks

    0
    Be the first one to like this.
    Please wait...
    #8498
     ciavarella 
    Member

    Hello I solved this issue with the ssl tab. I Setup an ipadress uunder Settings ipadress and now the ssl tab appears.
    thanks.

    0
    Be the first one to like this.
    Please wait...
    #8523
     Michele 
    Member

    in relation to post This topic
    the video This Video

    in my TAB SSL present in the website is missing the install free certificate Let’s Encrypt.
    See attached images.

    How can I add this button?
    Thank you

    0
    Be the first one to like this.
    Please wait...
    Attachments:
    #8596
     Webio 
    Member

    You should enable “SSL from Let’s Encrypt” in hosting plan configuration. This is additional quota which needs to be enabled

    0
    Be the first one to like this.
    Please wait...
Viewing 20 posts - 1 through 20 (of 20 total)

You must be logged in to reply to this topic.

©2018 MSPControl | Privacy Policy

Log in with your credentials

or    

Forgot your details?

Create Account