Hey everyone, hello Till, I have on question I assume many will ask: How do I install Lets Encrypt on a machine where previously, an ISPConfig 3.0.5.4p9 is installed? Will it be installed within the upgrade process or do I need to do it manually. If so: How? Kind Regards Zero
Please use the tutorial search function here at howtoforge and search for "perfect server" to find a matching tutorial for ispconfig 3.1, in these tutorials you will find instructions for the letsencrypt installation.
I tried to follow the guide. It said: Code: ./certbot-auto And that's doesn't work: Code: root@ubhost:/opt/certbot# ./certbot-auto No installers seem to be present and working on your system; fix that or try running certbot with the "certonly" command I tried it with certonly, but then it asks me how would I want to authenticate and none of the methods working. What else can I try?
Hi, i bought the ispconfig 3.1 manual and followed instructions to install let's encrypt (certbot-auto). It is not working neither the manual explains how to use or activate. Is the HHVM mandatory to make it work? Edit: in the manual and the perfect server's guide appears the following screenshot: but when i follow instructions, that is what appears to me:
Select cancel. Do not ceate these certs or letsencrypt will not work. I'll check the instructions from the manual, they worked for me a few days ago, but who knows what letsencrypt changed in the meantime, their client is not really stable yet and it's behaviour changes all the time.
OK. Now it creates the certificate correctly. But the SSL tab is supposed to dissappear from ispconfig when let's encrypti is checked, isn't it?
Yes. the certs are managed by letsencrypt when you enable it, so there is nothing that you could do on that tab.
although it is working ok, the ssl tab still appears in ispconfig. There should be something not working well in my ispconfig installation. where can i take a look for that? edit: when unselect let's encrypt, the certificate is still active on web page
I just tested it, thats an issue in ispconfig itself. We will alter that behaviour in the next release. It did not harm that the ssl tab is there, it is just not needed. If ssl is active or not depends on the SSL checkbox in the website settings.
Both unchecked. That's the odd behaviour: https://tracker.vivancos.eu/ (ssl cert ok, but both unchecked) https://tracker.vivancos.eu/scrape.php?stats (ssl error, both uncheked)
This is what happens and has to happen when letsencryot is not able to get a ssl cert for your domain as you can not enable SSL for a website without an SSL cert. If you want to know why letsencrypt can not generate a cert, use the debug mode (last chapter here): https://www.howtoforge.com/community/threads/please-read-before-posting.58408/ The most common reasons are wrong or missing DNS records.
Im trying to enable lets encrypt but it seems to be giving me an error when i tried this (http://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/) to debug it. Failed authorization procedure. www.domain.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.domain.org/.well-known/acme-challenge/efrX5oGkLJZ2w14rAoavvp5zgvNDDzaJ2Q-CPHcVgOF
I deleted the /etc/letsencrypt (don't remember the exact name) folder and checked the let's encrypt checkbox again in the ispconfig control panel. The script created that folder (and correct subfolders with the let's encrypt automatic account) with correct permissions. Try it and tell us if works or not.
Nope, still having issues. It seems like its attempting to do it on my aliases first. My main domain is domain.com Thu Sep 29 12:09:09 EDT 2016 Failed authorization procedure. myportfolio.techreanimate.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://myportfolio.techreanimate.co...e/prnWKgV2y0IC1eGrR5Yst9RElLrLCEHXfs8PizgV-c0 [192.3.206.221]: 500, www.myportfolio.domain2.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.myportfolio.domain2.com/...e/48tmD6nHwlzqsaeaMn0JQR0fPA1Z8YgVUYDXTEE75L0 [192.3.206.221]: 500, domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://domain.com/.well-known/acme-challenge/aL_P199Ia8_3icaQBPHtkCakUxbTJLOsFoKj4ft64hY [192.3.206.221]: 500, luis.domain2.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://luis.domain2.com/.well-known/acme-challenge/yohqt1q23Id2ycziDmkRGWgJWq-6ttHWtdJM5TxqH24 [192.3.206.221]: 500, www.domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.domain.com/.well-known/acme-challenge/Y4lba7W2-m6UBCKDtcQwRkQUzU_ebKnorAMRgG9Sr18 [192.3.206.221]: 500, www.luis.domain2.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.luis.domain2.com/.well-known/acme-challenge/hRIcu_ZeOJHdcmKH3xQipHLZzVlARa1ChmspKy56Hj0 [192.3.206.221]: 500
This helped, since i dont know of a way to reconfigure services i just updated to git-stable. I must have hit no on reconfigure services. Thanks Till!
