Hey! I have ISPConfig 3 installed on a virtual machine within my network. Everything is working great, and it's hosting other websites just fine. The virtual machine's OS is Ubuntu 16.04. The problem I'm facing is getting SSL Let's Encrypt to work. For an example, I created a new website under the websites tab. Once it was finished committing the tasks, I can get to the default "Welcome!" landing page that it automatically creates. Then I went back in, selected the 2 boxes (SSL & Lets Encyrpt), waited for those changes to commit, and now I can't access it at all. This particular domain is accessible from outside of the network, and I can reach the default landing page (prior to selecting SSL boxes) from outside of my network as well. I have no idea what I'm missing. When I go back into that particular website's settings, it still shows those boxes checked as well. Any thoughts? Thank you! Nate
I had issues with that oftentimes... since then I always first check ssl, wait for commit, then check LE and if you have enabled it already, disable both, wait for commit and start over as described.
I forgot to mention, the letsencrypt log looks good to the best of my knowledge? Code: 2018-07-27 20:00:17,833:DEBUG:letsencrypt.storage:Archive directory /etc/letsencrypt/archive/SUBDOMAIN.MYDOMAIN and live directory /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN created. 2018-07-27 20:00:17,841:DEBUG:letsencrypt.storage:Writing certificate to /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN/cert.pem. 2018-07-27 20:00:17,841:DEBUG:letsencrypt.storage:Writing private key to /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN/privkey.pem. 2018-07-27 20:00:17,841:DEBUG:letsencrypt.storage:Writing chain to /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN/chain.pem. 2018-07-27 20:00:17,842:DEBUG:letsencrypt.storage:Writing full chain to /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN/fullchain.pem. 2018-07-27 20:00:17,842:DEBUG:letsencrypt.storage:Writing new config /etc/letsencrypt/renewal/SUBDOMAIN.MYDOMAIN.conf. 2018-07-27 20:00:17,845:INFO:letsencrypt.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN/fullchain.pem. Your cert will expire on 2018-10-25. To obtain a new version of the certificate in the future, simply run Let's Encrypt again. 2018-07-27 20:00:17,845:INFO:letsencrypt.reporter:Reporting to user: If you like Let's Encrypt, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le33A5FF
I just completed these steps as outlined twice. I still have the same outcome. I currently can access the landing page only when not attempting an https connection. When I try https it fails. Just as a precaution, i've also tried clearing all saved data from my browser as well.
hmm is the webserver writing access/error logs when accessing the domain? do they land elsewhere? check the vhost file is actually created and u do not have a *.err file in sites-available are your sites set up in a mixed way using IP and/or * for <VirthualHost> entry? use only one of them, either IP or * turned on debugging on webserver to see what's happening?
When I attempt to hit the landing page with https, it just loads forever and then gives me an error. There is a vhost file created and it appears to have everything, but there is no *.err file in the sites-available directory. This IP vs * setting.. if you're referring to the setting on the individual website settings page, all of them have a "*" in the IPv-4-Address field. Is that what you meant? The Error log in that profile was also empty.
I wasn't totally sure what you were wanting with some of that, but here's what I also tried. I unchecked the "ssl" and "lets encrypt" boxes, saved, and waited for changes to commit. Then I put my ispconfig server into debug mode, saved, and waited to commit. Then I went back to the website settings, checked "ssl" box, saved, and waited for commit. Then I did the same thing with the "let's encrypt" box. I still cannot reach the page. I could reach the white and green landing page using http prior to checking the boxes, but now I just get "the site cannot be reached." I've also cleared my broswer cache and tried to access with other devices. Since it was in debug mode, I checked the Lets encrypt log file and everything appears to be normal? I don't see it requesting an SSL either though. There was also nothing in the error log file within the website's log directory. Was there another log you'd suggest to look at?
