Hello, I hope someone knows this.. I installed ispconfig 3.1dev using perfect server ubuntu 16 Xenial, apache 2.4. All works fine, but Let's encrypt does not. I read: https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/ In the LE log files I find: (replaced username by <username>: File "/home/<username>/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module> sys.exit(main()) File "/home/<username>/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 776, in main return config.func(config, plugins) File "/home/<username>/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 506, in run domains = _find_domains(config, installer) File "/home/<username>/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 273, in _find_domains raise errors.Error("Please specify --domains, or --installer that " Error: Please specify --domains, or --installer that will help in domain names autodiscovery I updated Ispconfig using git-stable but that did not help, I searched but could not find this sort of log. I checked the DNS and I have CNAME www for the domain enabled. I have No redirects. When I acticate certbots-auto I see a listing of the domain names and the www ones. I choose Cancel as I want ispconfig to handle LE. I ran out of options as I have limited experience, what can I do? Thanks!
It sounds like there was no domain supplied to the letsencrypt/certbot command - you do have a website in ispconfig which has letsencrypt checkbox enabled? I wonder if this could be another sympdom of https://www.howtoforge.com/community/threads/problems-after-upgrading-to-3-1.74075/#post-348462
Thank you for the link. I checked it and also checked the Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-known/acme-challenge <Directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge> Require all granted </Directory> and the setting is as it should be. I have three domains listed and btw all contain a hyphen '-' First domain is 0000-default.nl None of the domains have letsencrypt enabled. It gives the: Let's Encrypt SSL Cert for: could not be issued. And I agree it looks like no domain is supplied to the letsencrypt certbot. How can I check what is supplied to the certbot?
Looks like that domain is not registered, that is a placeholder name? You're not requesting letsencrypt setup for literally '0000-default.nl' correct?
No the 0000-default.nl is used when somehow ispconfig websites fail and the user is presented a page using the ip address instead of a domain name. The other domains are registered: some-domain.nl and some-other-domain.nl, Both fail when I enable the Let's encrypt checkbox. I find a warning Let's Encrypt SSL Cert for: ... could not be issued in the logfiles. The debug information does give process information, but does not give letsencrypt information I can really use . FYI I do not use the ispconfig DNS function, but the providers DNS. As letsencrypt finds all the domain names, including 0000-default.nl, by manually using certbot-auto I expect the automatic version from ispconfig to find the letsencrypt checkbox activated domain name and cname as well. But I am not sure that is really so.
Try removing 0000-default.nl temporarily and test if letsencrypt works; maybe you have inadvertently blocked letsencrypts' requests there.
ok, did so, I tried multiple times and get the result: warning Let's Encrypt SSL Cert for: ... could not be issued in the logfiles. The debug states (removed some sensitive data) 2016-10-13 20:07 ..........com Debug Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock 2016-10-13 20:07 ..........com Debug Processed datalog_id 345 2016-10-13 20:07 ..........com Debug Apache online status after restart is: running 2016-10-13 20:07 ..........com Debug Apache restart return value is: 0 2016-10-13 20:07 ..........com Debug Restarting httpd: systemctl restart apache2.service 2016-10-13 20:07 ..........com Debug Calling function 'restartHttpd' from module 'web_module'. 2016-10-13 20:07 ..........com Debug Apache status is: running 2016-10-13 20:07 ..........com Debug Restarting php….: systemctl reload php…..service 2016-10-13 20:07 ..........com Debug Calling function 'restartPHP….' from module 'web_module'. 2016-10-13 20:07 ..........com Debug Writing the PHP…. config file: /….. 2016-10-13 20:07 ..........com Debug Writing the vhost file: /etc/apache2/sites-available/some-domain.nl.vhost 2016-10-13 20:07 ..........com Debug Let's Encrypt SSL Cert domains: some-domain.nl --domains www.some-domain.nl 2016-10-13 20:07 ..........com Debug Create Let's Encrypt SSL Cert for: some-domain.nl 2016-10-13 20:07 ..........com Debug Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 2016-10-13 20:07 ..........com Debug Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 2016-10-13 20:07 ..........com Debug Found 1 changes, starting update process.
I tried: 1. added the name servers from my vm provider to the /etc/hosts file 2. commandline: sudo ispconfig_update.sh and used git-stable 3 checked but could not find the vm host provider name servers in ispconfig: is that ok? 4 tried to issue letsencrypt and got warning Let's Encrypt SSL Cert for: ... could not be issued.
I'm looking at your first post and notice: I didn't notice that path before, but that sure doesn't sound like where letsencrypt should be installed; ispconfig will find the certbot/letsencrypt programs either in the system path or under /root/.local/.... but not under a non-root user's home directory. Maybe remove the current letsencrypt install and just install the system packages (certbot) and see if things work?
I did not know that. I logged in as non-root for safety. I removed the letsencrypt directory, changed to root and used certbot-auto to install the packages.| I tried the letsencrypt ssl and it creates the certificates. I find them in the letsencrypt/live directory. The ssl and letsencrypt checkbox are active. Chapeaux for now! I guess, at this moment I should wait some time, as the website allows ssl but does not show the certificate. I will let you know if that happens too! I checked the website but no, the certificate does not show?
I did under root user: updated Ispconfig using git-stable The website is workingwith letsencrypt certificates but the ssl tab is still visible. Is this supposed to be?
