This topic contains 17 replies, has 7 voices, and was last updated by 
- Posts
No matter what I do, I cant seem to get the LetsEncrypt tab to appear.
I have enabled it in the hosting plan quota and I am using Server 2012 R2.Any Ideas?
Hi Paul,
Let’s Encrypt will appear as a button under the SSL tab, if you mean that the ssl tab won’t appear
You need to complete two tasks, install AcmeSharp on your webserver https://github.com/ebekker/ACMESharp/wiki/Quick-Start
Complete Step 1 and 2 in that linkThe other thing is to enable SNI in IIS however this instruction confused me because SNI is enabled in IIS8 by default, what this instruction means is that you have to enable SNI inside MSP Control, go into server management and drill down to IIS on your webserver(s) and tick the SNI checkbox.
hope this helps, I had this issue took me a couple of days to figure it out.
James.
Excellent – thanks James… Havent tried it yet, but certainly I havent done either of those things!!!
Will try later and report back.Paul
Having followed the above, I now get the SSL Tab. When generating a certificate for a site, I get the following in the panel:
Error installing certificate
Unable to create/install Lets Encrypt Certificate: Cannot import ACMESharp Powershell Module! Install ACMESharp and make sure the application pool is 64 bit.Im not very good with powershell, but everything did seem to install correctly (I used the chocolatey option).
However, the lines ‘Import-Module ACMESharp’ and ‘Initialize-ACMEVault’ didnt error, but also didnt give me any indication that they had actually done anything.Any ideas?
Still looking for suggestions on this one, if anyone can help?
Check the application pool in IIS running the MSPControl Server Component on the webserver where you are trying to create the certificate. It should say: Enable 32-bit applications: false.
Thanks for your suggestion Olov. Unfortunately this isnt the case. My App Pool is indeed already saying that.
Any other ideas?🙁
Paul
Similar problem here with Windows Server 2016. The SSL tab is not showing.
There’s no option to enable SNI for this server. I compared with the MSPControl IIS options for another server running Windows Server 2012 R2, and most of the SSL settings including “Use SNI (Server Name Indication)” are just MISSING for Windows Server 2016.
I confirmed the app pool setting, “Enable 32-bit applications” is false. Thanks!
Anonymous
I’ve had the same issue like Paul.
Did you restart the www service? Or reboot the server.This fixed it for me.
Guys we will raise this with the developer.
Well – it’s worth mentioning that I installed the powershell module using “run as administrator” (for the correct powershell version) and then I had to restart the www service.
After that it worked.On a side note – this feature is AMAZING!! So happy it was added to mspc.
1 user thanked author for this post.
Bogdan, thanks for the nice comments. We’ve just started working on improving a lot of the core functionality around IIS, there are lots of things coming – I personally have ignored the IIS side of things and have focused a lot on Orgs, but due to security we’ve had to come back and work out a lot of things. We will be adding a lot of things to IIS, on Monday we will be starting a ClamAV integration to allow scanning of website files and provide quarantining abilities on files scanned. It’s only the start glad you like it.
Also like to mention Bodgan, we also added an automatic renewal scheduled task and notification templates in mail templates. 15 days before expiration, it will attempt automatically to renew and will notify domain owner of success or failure.
We also added to website grid new statuses around SSL status.
I noticed those – And I think they are useful. At least you know in a few seconds if it’s ssl enabled or not. I also like that it works with ssl providers other than lets encrypt, and importing the ssl is 1 click away. I have a few other ssl sites, and I imported all the ssl certs into it.
Automatic renewal – the icing on top! Seriously – this is amazing. 1 click ssl install + automatic renewal…Coming from a small hosting company – we only use Exchange on the hosted orgs side. Our RDP model is a little atypical, and I haven’t had the time to see if it’s feasible to incorporate it into mspc (we have about 20 separate small AD forests). I haven’t even had time to test the rds functionality that mspc provides… (embarrassing). Can I support separate AD forests or do I need to migrate all of them into the main one?? lol
My point was that I haven’t had issues with hosted orgs, but given that you guys support SO MANY PRODUCTS, I can see why it takes the spotlight.ClamAV would be awesome. We also use Xeams for spamming – and they recently added ClamAV support too. This is something I will definitely configure for xeams, but maybe I can get away with a single instance for both mspc and xeams. It only gets better!
PS – at first, after you made it into a paid product – I was like – yea, sure, they’ll cash in, and don’t do anything, and 3 years later kill it. I was already looking at other products. But now – after automatic updates, and all the products to support, including linux – this is DA BEST!
Thanks Bogdan, we are only beginning. I tell people all the time that for me the development here was never about the money, Virtuworks is successful because of the work we do here and we continually invest regardless, we chose to have a paid model because honestly, it’s the only way to raise more money!
On RDS, no it’s built around the RDS Farm method, sure you could put an MSPControl Org node and RDS node on each of the sub forests like if they were full org deployments and handle it that way (which would be totally supported) but you would need a lot of virtual Servers (MSPC Control not VM) to support it. We have a cluster of 6 VM’s (3 Gateways and 3 Connection brokers) and behind them we VLAN each client Terminal server into a protected firewalled Silo and everyone is part of the same domain, so we can support a single signon. Add Office 365 module and you can single signon Office 365 from the RDS desktops it’s pretty amazing stuff. I’d also recommend checking out cloud folders, it’s been heavily developed and with the combination of RDS, it will spin up GPO managed SMB3 Shares internally, and make them WebDAV enabled outside. This means the end user ends up with two modes of access, SMB inside and WebDAV from outside. Now why WebDAV Externally? Combine it with our new desktop agent which manages the WebDAV drives and automaps them based on org user permissions to folders? See where we are headed? You can read about all the winagent features here.
This is an emerging idea, so feedback with it is good. It kind of works like box. The agent will do many things other than drive mapping, the idea is to have complete user self configuration. Currently it does Cloud Folders and RDS Control panel linking.
Would also like to note, the winagents are to support domainless BYOB devices, they do not need to be part of any network, allowing users to roam freely.
Hello,
I am new with mspcontrol and i love it. But i have a Problem with the Lets Enrypt
I cant see the SSL Tab after the Installing the two steps below the link:
https://github.com/ebekker/ACMESharp/wiki/Quick-Start
i did this step: The NEW Quick Start for version 0.9.0 can be found here.
The Installing Ends without any error and i can see a valid certificat on iis.
The Server is Server 2016 Standard with all updates.I restarted the Server but this didnt help. The SSL Tab is still missing.
Any idea?Thanks
Hello I solved this issue with the ssl tab. I Setup an ipadress uunder Settings ipadress and now the ssl tab appears.
thanks.
You must be logged in to reply to this topic.