Install acme.sh for use of Lets Encrypt and ISPConfig DNS API – update certificates

How to install acme.sh for use of Lets Encrypt and ISPConfig (dns) API. Then change certificates for services

1. Install Acme.sh

curl https://get.acme.sh | sh

2. Update acme.sh home, certhome and account email

acme.sh --upgrade --home /usr/local/acme.sh --certhome /etc/acme.sh --accountemail "email@domain.tld"

3. Create a remote user in ISPConfig

3.1 Login to ISPConfig panel, go to system > Remote User
3.2 Add new user
3.3 Assign rights:
– DNS Zone Functions
– DNS TXT Functions

4. Request certificate using DNS api

export ISPC_User="remoteuser"
export ISPC_Password="password"
export ISPC_Api="https://web.example.tld:8080/remote/json.php"
export ISPC_Api_Insecure=1 (use 1 for selfsigned cert, use 0 for valid SSL cert)
acme.sh --issue --dns dns_ispconfig -d sub.domain.tld

5. Replace Webmin certificate

mv /etc/webmin/miniserv.pem /etc/webmin/miniserv.pem.bak
cat /usr/local/acme.sh/sub.domain.tld/sub.domain.tld.{cer,key} > /etc/webmin/miniserv.pem
service webmin restart

6. Replace PureFTP certificate
mv /etc/ssl/private/pure-ftpd.pem /etc/ssl/private/pure-ftpd.pempure-ftpd.pem_bak
cat /usr/local/acme.sh/sub.domain.tld/sub.domain.tld.{key,cer} > /etc/ssl/private/pure-ftpd.pem
service pure-ftpd-mysql restart