certbot to acme first?

Discussion in 'Installation/Configuration' started by jokerdes, Apr 18, 2021.

  1. jokerdes

    jokerdes New Member

    Hi,
    I need to migrate my old server (ubuntu 20.04) to a new server (Debian 10).
    I did this using ispconfig-migrate.
    During the migration, the migration script said that it could not transfer the certificates. Ubuntu 20.04 (certbot) and Debian 10 (acme). When I replaced the servers, the acme didn't work (and nothing that would require a certificate).
    Do I need to change the certbot on the old server to acme first? If so, what is the correct method?
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    What do you mean with
    ?

    If you want to migrate the certs, install certbot on the target system. If you want to start using acme.sh, which I would recommend if you currently have < 100 sites that will be migrated, don't migrate the certs and issue a new cert for your sites after the DNS record have changed.
     
    ahrasis likes this.
  3. jokerdes

    jokerdes New Member

    In my case, the new server should get the same ip and hostname after the migration as the old server. I didn’t copy the old certificates, I thought I’d create new ones.
    I changed the hostname and ip address then unfortunately I didn't reach ispconfig at all (default 8080). /var/log/ispconfig was empty. When I tried to generate a new certificate manually, acme.log wrote "Verify error: Invalid response from ...".
    Bad certs on postfix and all domain (about 150).
    Suddenly I had no more ideas, I replaced the old server.
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    These need to be changed in several places. I think there is thread on this forum on how to do this.
    If you host can not be reached, it can not get certificates issued. Did you try with IP-number? Did you shut down the old server so two servers with same IP-number are not running at the same time?
     
  5. jokerdes

    jokerdes New Member

    Of course, the two servers did not work at the same time.
    I modified /etc/hosts, /etc/hostname, /etc/postfix/main.cf for the hostname.
    /etc/network/interfaces and in dbispconfig database the server, server_ip tables.
    The weird thing was that phpmyadmin apache alias worked, for example.
    However, ispconfig did not work with ip either.
     

Share This Page