I can't generate Letsencrypt SSL for my site because it still using acme v01. Letsencrypt and certbot is working without any issue if I execute the command manually in terminal. ISPConfig Version: 3.1.12 Certbot version: 0.31.0 Debug Log Code: Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Found 1 changes, starting update process. Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'. Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'. Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Verified domain webdomain.com should be reachable for letsencrypt. Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Verified domain www.webdomain.com should be reachable for letsencrypt. Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Create Let's Encrypt SSL Cert for: webdomain.com Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - Let's Encrypt SSL Cert domains: --domains webdomain.com --domains www.webdomain.com Wed Apr 8 00:32:02 EEST 2020 08.04.2020-00:32 - DEBUG - exec: /usr/bin/letsencrypt certonly -n --text --agree-tos --expand --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email [email protected] --domains webdomain.com --domains www.webdomain.com --webroot-path /usr/local/ispconfig/interface/acme Wed Apr 8 00:32:02 EEST 2020 Saving debug log to /var/log/letsencrypt/letsencrypt.log Wed Apr 8 00:32:02 EEST 2020 Plugins selected: Authenticator webroot, Installer None Wed Apr 8 00:32:03 EEST 2020 Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org Wed Apr 8 00:32:04 EEST 2020 An unexpected error occurred: Wed Apr 8 00:32:04 EEST 2020 The client lacks sufficient authorization :: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details. Wed Apr 8 00:32:04 EEST 2020 Please see the logfiles in /var/log/letsencrypt for more details. Wed Apr 8 00:32:04 EEST 2020 08.04.2020-00:32 - WARNING - Let's Encrypt SSL Cert for: webdomain.com could not be issued. Wed Apr 8 00:32:04 EEST 2020 08.04.2020-00:32 - WARNING - /usr/bin/letsencrypt certonly -n --text --agree-tos --expand --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email [email protected] --domains webdomain.com --domains www.webdomain.com --webroot-path /usr/local/ispconfig/interface/acme Wed Apr 8 00:32:04 EEST 2020 08.04.2020-00:32 - DEBUG - Creating fastcgi starter script: /var/www/php-fcgi-scripts/web687/.php-fcgi-starter Wed Apr 8 00:32:05 EEST 2020 08.04.2020-00:32 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/webdomain.com.vhost Wed Apr 8 00:32:05 EEST 2020 08.04.2020-00:32 - DEBUG - Apache status is: running Wed Apr 8 00:32:05 EEST 2020 08.04.2020-00:32 - DEBUG - Calling function 'restartHttpd' from module 'web_module'. Wed Apr 8 00:32:08 EEST 2020 08.04.2020-00:32 - DEBUG - Restarting httpd: systemctl restart apache2.service Wed Apr 8 00:32:08 EEST 2020 08.04.2020-00:32 - DEBUG - Apache restart return value is: 0 Wed Apr 8 00:32:10 EEST 2020 08.04.2020-00:32 - DEBUG - Apache online status after restart is: running Wed Apr 8 00:32:10 EEST 2020 08.04.2020-00:32 - DEBUG - Processed datalog_id 14608 Wed Apr 8 00:32:10 EEST 2020 08.04.2020-00:32 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock Wed Apr 8 00:32:10 EEST 2020 finished. Manual Execute Certbot Code: root@IV-01:~# certbot --apache Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org Which names would you like to activate HTTPS for? Letsencrypt Code: root@IV-01:~# letsencrypt --apache Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org Which names would you like to activate HTTPS for? Thanks.
You use a completely outdated ISPConfig version, update to the current release. Do not run certbot with apache switch on the shell, you will not be able to use ISPConfig to manage the sites afterwards.
