ServerPilot’s free plan doesn’t let you enable SSL on your apps using their web-based interface but if you need to install SSL certs on your apps in a ServerPilot free server, then I’ve brought you a useful Python package (available via PIP) that will automate the SSL installation for you.

Getting Started
Sign into your server as root using an SSH client and then install the package using PIP. If PIP isn’t installed on your system, first install it:

apt install python-pip
And then install rwssl package:

pip install rwssl
Once installed, you will have a new command rwssl available in your SSH client.

Installing SSLs
To install SSL certs on all apps automatically, run:

rwssl -a
The above command will instruct rwssl to find all apps, parse their domains by analyzing vhost files and then it will obtain SSL certs for all of the domains listed in the vhost file.

If you want to ignore some apps and install SSL certs on the remaining ones, that’s an easy task. Just run:

rwssl -i ‘app1,app2,app3,app4’
Above command will make rwssl ignore app1, app2, app3 and app4 and install SSL certificates on all remaining apps.

In some scenarios, you will need to install SSL certificates for the newly added apps only. This can be achived easily as well. Simply do:

rwssl -f
This command will obtain and install SSL certs on the fresh apps only that don’t have any SSL certificate installed on them yet.

Sometimes you might encounter issues with old SSL vhost files either added manually or using my old script. There is a command available to refresh all SSL websites:

rwssl -re
Please note that above command will delete all SSL vhost files, will obtain new SSL certs and then it will rewrite the SSL vhosts. If any orphaned vhost files are there (i.e. without any active domains on them), they will get deleted and they will not be created again.

Obviously you aren’t bound to run the SSL installation command on some bulk apps only and SSL certs can be installed on an individual app as well:

rwssl -n appname
Renewing SSLs
To enable auto-renewal of SSLs, enable rwssl CRON job:

rwssl -ic
And to attempt the renewal manually, run:

rwssl -r
Enabling Auto-Pilot Mode
This is yet another CRON job that runs every few minutes, finds newly added apps and then it obtains SSL certs for those apps automatically. When enabled, you don’t need to SSH into your server again and again. Simply add your app using ServerPilot control panel, wait for a few minutes and SSL cert will be available on your app automatically:

rwssl -ap
And to disable auto-pilot mode, do:

rwssl -na
Forcing HTTPS (301)
You don’t need to force HTTPS using .htaccess file as this option is packaged with rwssl already. To force HTTPS, simply run:

rwssl -redir all

rwssl -redir appname
The first command will force HTTPS on all apps and the second one will force HTTPS on a single app.

To disable the HTTPS redirect:

rwssl -noredir all

rwssl -noredir appname
If you are using my old script, then you need to first delete it and then follow the Getting Started section in this guide:

rm /usr/local/bin/rwssl && pip install rwssl
Upgrading to a newer version is super-easy:

pip install –upgrade rwssl
To uninstall rwssl, simply do:

pip uninstall rwssl
And then delete the added CRON jobs:

# Delete SSL renewal cron
rm /etc/cron.d/rwsslrenew
# Also delete auto-pilot cron
rm /etc/cron.d/rwssl
The package is hosted at GitHub and PyPi. If you have any issue with rwssl, then you can either leave a comment below or open an issue at GitHub page.

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.