Let's Encrypt

ip-blocker Let’s Encrypt application allow you to manage your let’s encrypt certificates for all machines connected to your panel.
Core-Admin has been updated to manage the request and renewal of Let’s encrypt certificates. It has an easy interface that integrates with the rest of Core-Admin’s applications.




  • This tool has a design to make an easy installation and later use of your Let’s encrypt certificates
  • It is important to have your DNS pointing to the machine that is going to ask for the certificate.
  • Once the certificate is installed, we can use it in different ways:
    • Raw mode. It means, we take the paths of the certificate generated directly, and set up our application following the manufacturer’s instructions,
    • Exporting the certificate into another core-admin application, like Web Hosting,
    • Linking the certificate with known services that are using a certificate whose common-name has the same value of the let’s encrypt certificate generated. For example, postfix, dovecot, turbulence

How to use it

Installing the application

Inside Core-admin panel, we install Let’s Encrypt application following the steps as indicated in the manual. Once we click to install (“Mark application as configured”), next interface is showed, then we click on Install application,

Lets encrypt

The application starts with the installation,

Lets encrypt

If everything went ok, it should show the following indication:

Lets encrypt

In the machine panel, we can see a link to the application installed,

Lets encrypt


Let’s Encrypt certificate request

We click on Let’s Encrypt application and get next interface, where we click on the button Add Certificate,

Lets encrypt

Core-admin will give you a list of the common-names found at the server. We select the one we are interested in and type in a support contact address.
Finally, we click on Create a new Certificate. Internally, Core-admin manages all the tasks needed to get in contact with the certificate authority to generate the certificate requested,

Lets encrypt

Once it is done, we can visualice and use the certificate emited,

Lets encrypt


How to use certificate created

  • Raw mode, we click on the certificate and in the Certificate information tab, we can find all the paths to the files that contain the certificate information. We can use these paths to directly set up the application, following manufacturer’s instructions.
  • Lets encrypt

  • Exporting the certificate, we click on Links tab and then on Export to application button. Core-admin will give you the applications where to export the certificate. For example, Webhosting management. Once the combo option is chosen we click on Export application,
  • Lets encrypt

  • Linking the certificate, we click on Links tab and then on Add Link button. Core-admin will give you the known services that are using a certificate with the same common-name. Once the combo option is chosen, we click on Add link,
  • Lets encrypt


Certificate renewal

To renew a certificate, we click on it and click on Certificate renewal button.


Core-Admin command line integration

All features provided by Let’s encrypt management application are also available through a command line:

>> crad-lets-encrypt.pyc –help
Usage: crad-lets-encrypt.pyc [options]

-h, –help show this help message and exit
-v, –verbose Makes crad-lets-encrypt.pyc to also drop logs into
-l, –list Makes crad-lets-encrypt.pyc to list current certifcates
-a, –list-available-common-names
Makes crad-lets-encrypt.pyc to list available common
names that can be used to request a certificate
-r CERTIFICATE ID, –renew-certificate=CERTIFICATE ID
Makes crad-lets-encrypt.pyc to renew a certificate
already download and identified by the provided id
(get the id by using –list option)
Makes crad-lets-encrypt.pyc request a let’s encrypt
certificate for the provided common name (get
available common names by using –list-available-

Now, to create a let’s encrypt certificate, first you have to list all available names for certification. For that, run:

>> crad-lets-encrypt.pyc -a

Now, pick one of the names from the list and run:

>> crad-lets-encrypt.pyc -c name-of-the-domain.com account@support.com

After that, to renew the certificate, you have to list them first:

>> crad-lets-encrypt.pyc -l

From the list, pick the certificate’s id you want to renew, run:

>> crad-lets-encrypt.pyc -r


Core-Admin Python API integration

It’s also possible to use the Let’s encrypt management tool via a Python API provided.

For that, first, we have to import the module by using something like:

# import core-admin's let's encrypt applciation
from core_admin_agent import application
m = application._import ("lets_encrypt_management")

Now, to list all available names for certification, run:

status, common_names) = application.call (m, "list_server_names")
if not status:
	print "ERROR: failed to get available server names for certificate request. Error was: %s" % common_names

for common_name in common_names:
    print "AVAILABLE: common name: %s" % common_name

After that, to request and create a certificate for a given common name (the domain we want a certificate for it), pick one of the previous list and run:

params = {}
params['common_name'] = common_name  # object fetched by previous list
params['contact_mail'] = contact_mail # a mail contact required by let's encrypt

# now call to request certificate
(status, info) = application.call (m, "create_certificate", params)
if not status:
    print "ERROR: failed to create certificate, error was: %s" % info

Late, if we need to renew a certificate, first we will have to list all certificates to get the id from it:

(status, certificates) = application.call (m, "list_certificates")
if not status:
    print "ERROR: failed to get installed certificates, error was: %s" % certificates

After that, with the id we are interested in, we run:

params = {}
params['id'] = id # id fetched by calling list_certificates (for example) or hardcoded

(status, info) = application.call (m, "create_certificate", params)
if not status:
    print "ERROR: failed to create certificate, error was: %s" % info