Hi all, Ok, I've been working on this for a few days now in an effort to solve this myself and here is what I've done so far. Purchased a Debian VPS. Followed the directions found here. The main ispconfig got an operational cert on port 8080 no problem. Trying to add letsencrypt to a site does not work. Followed all the debugging steps located here. I also purchased a vps from a completely different provider and had the exact same results. I found the certs for the site are successfully being created in the ~/.acme.sh/mydomain.com/ folder and the acme.log reports this success as well. If I disable the cron job for the script that updates server settings and set the debug log level, I'm not seeing any errors that I can tell, however, I'll let someone more experienced than I make the final call on that. Code: root@server1:~# /usr/local/ispconfig/server/server.sh 26.10.2021-21:40 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. 26.10.2021-21:40 - DEBUG - Found 1 changes, starting update process. 26.10.2021-21:40 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 26.10.2021-21:40 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 26.10.2021-21:40 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web2' - return code: 0 26.10.2021-21:40 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client1/web2' - return code: 0 26.10.2021-21:40 - DEBUG - safe_exec cmd: df -T '/var/www/clients/client1/web2'|awk 'END{print $2,$NF}' - return code: 0 26.10.2021-21:40 - DEBUG - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0 26.10.2021-21:40 - DEBUG - safe_exec cmd: setquota -u 'web2' '0' '0' 0 0 -a &> /dev/null - return code: 0 setquota: Not setting block grace time on /dev/mapper/vg00-lv01 because softlimit is not exceeded. setquota: Not setting inode grace time on /dev/mapper/vg00-lv01 because softlimit is not exceeded. 26.10.2021-21:40 - DEBUG - safe_exec cmd: setquota -T -u 'web2' 604800 604800 -a &> /dev/null - return code: 0 26.10.2021-21:40 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client1/web2' - return code: 0 26.10.2021-21:40 - DEBUG - Verified domain mydomain.com should be reachable for letsencrypt. 26.10.2021-21:40 - WARNING - Could not verify domain www.mydomain.com, so excluding it from letsencrypt request. 26.10.2021-21:40 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 26.10.2021-21:40 - DEBUG - Trying to use Systemd to restart service 26.10.2021-21:40 - DEBUG - safe_exec cmd: systemctl is-enabled 'apache2' 2>&1 - return code: 0 26.10.2021-21:40 - DEBUG - Create Let's Encrypt SSL Cert for: mydomain.com 26.10.2021-21:40 - DEBUG - Let's Encrypt SSL Cert domains: 26.10.2021-21:40 - DEBUG - exec: R=0 ; C=0 ; /root/.acme.sh/acme.sh --issue -d mydomain.com -w /usr/local/ispconfig/interface/acme --always-force-new-domain-key --keylength 4096; R=$? ; if [[ $R -eq 0 || $R -eq 2 ]] ; then /root/.acme.sh/acme.sh --install-cert -d mydomain.com --key-file '/var/www/clients/client1/web2/ssl/mydomain.com-le.key' --fullchain-file '/var/www/clients/client1/web2/ssl/mydomain.com-le.crt' --reloadcmd 'systemctl force-reload apache2.service' --log '/var/log/ispconfig/acme.log'; C=$? ; fi ; if [[ $C -eq 0 ]] ; then exit $R ; else exit $C ; fi sh: 1: [[: not found sh: 1: 2: not found sh: 1: [[: not found 26.10.2021-21:40 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 26.10.2021-21:40 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 26.10.2021-21:40 - DEBUG - safe_exec cmd: chattr -i '/var/www/php-fcgi-scripts/web2/.php-fcgi-starter' - return code: 0 26.10.2021-21:40 - DEBUG - Creating fastcgi starter script: /var/www/php-fcgi-scripts/web2/.php-fcgi-starter 26.10.2021-21:40 - DEBUG - safe_exec cmd: chattr +i '/var/www/php-fcgi-scripts/web2/.php-fcgi-starter' - return code: 0 26.10.2021-21:40 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/mydomain.com.vhost 26.10.2021-21:40 - WARNING - No awstats base config found. Either awstats.conf or awstats.model.conf must exist in /etc/awstats. 26.10.2021-21:40 - DEBUG - Apache status is: running 26.10.2021-21:40 - DEBUG - Calling function 'restartHttpd' from module 'web_module'. 26.10.2021-21:40 - DEBUG - Trying to use Systemd to restart service 26.10.2021-21:40 - DEBUG - safe_exec cmd: systemctl is-enabled 'apache2' 2>&1 - return code: 0 26.10.2021-21:40 - DEBUG - Restarting httpd: systemctl restart apache2.service 26.10.2021-21:40 - DEBUG - Apache restart return value is: 0 26.10.2021-21:40 - DEBUG - Apache online status after restart is: running 26.10.2021-21:40 - DEBUG - Processed datalog_id 113 26.10.2021-21:40 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock finished server.php. I found that if I create my own .vhost files for the SSL sides of the hosts, then SSL works just fine. So its like the ssl vhost side of things is not happening. I have NO DOUBT that I've flubbed something up during the install, but the fact that I had the exact same thing happen on 2 different servers leads me to ask in here if anyone has any thoughts / suggestions. Thanks All... and Thank you Till for all your hard work in keeping this going as long as you have. Amazing. Cheers! Ken
if I do a echo $0 I get a -bash And I did do the dpkg-reconfigure dash option set to No when I did the initial install. Thanks! ken
Redo it. Bash is switched to dash on your system at the moment, you probably selected the wrong option or did not save the choice you made. LE will not work unless you switched off dash so that normal bash is used. Btw. You posted in a forum that is labeled not for ISPConfig questions. Please post in the ISPConfig sub forum the next time, if you have a question about an ISPConfig server. I've moved your post to the right forum now.
Thank you Till! For both the fix and for moving the post. Sorry I didn't catch that when I initially posted. And dpkg-reconfigure did fix the issue. I'm going to run that again on the other vps and see if it fixes it there. Regards, ken