LetsEncrypt Live No such file or directory

Discussion in 'Installation/Configuration' started by Chris Capitana, Jan 8, 2022.

Thread Status:
Not open for further replies.
  1. Chris Capitana

    Chris Capitana New Member

    I'm installing ISPConfig (NginX only) on Debian 10. Although I'm very new to this I got it running but I can't seem to be able to get passed this:

    Code:
    root@host:/usr/local/ispconfig/interface/ssl# ls -l /etc/letsencrypt/live/
    ls: cannot access '/etc/letsencrypt/live/': No such file or directory
    root@host:/usr/local/ispconfig/interface/ssl# 
    ...and the list of the ssl folder after I tried getting new crt and key.

    Code:
    root@host:/usr/local/ispconfig/interface/ssl# ls
    empty.dir      ispserver.crt-220108200301.bak  ispserver.crt-220108220356.bak  ispserver.key-220108200402.bak  ispserver.key-220108220358.bak  ispserver.pem              ispserver.pem-220108220401.bak
    ispserver.crt  ispserver.crt-220108220211.bak  ispserver.key              ispserver.key-220108220216.bak  ispserver.key.secure          ispserver.pem-220108220219.bak
    So if I run:
    Code:
    root@host:/usr/local/ispconfig/interface/ssl# ls -l /etc/letsencrypt/live/
    ls: cannot access '/etc/letsencrypt/live/': No such file or directory
    root@host:/usr/local/ispconfig/interface/ssl# 
    I would expect my domain to be there? mydomain.com
    I tried to give SSL to my hostname through ISPConfig, the SSL check stays on, Let'sEncrypt just turns off after saving.
    As I understand I need to be able to do this before I can link it to ispserver.
    Code:
    ln -s /etc/letsencrypt/live/mydomain.com/privkey.pem ispserver.key
    A noob-proof answer would be highly appreciated. Thanks in advance!
     
  2. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    And may I know why are you doing this manually since ISPConfig installer since 3.2 can already create LE SSL certs for the server and its main apps / softwares (mail, ftp etc) and renew them automatically upon ISPConfig install or update?
     
  3. Chris Capitana

    Chris Capitana New Member

    Thank you for your reply. I was following along a manual install tutorial that includes lots of additional hardening (youtube/channel/UCec7O3cwcegBK7_KRxpHf0Q/videos) both for (my personal)educational purpose and because I couldn't get the installer working somehow.. I was confused if Roundcube would be included and properly set to the correct port on a server with NginX only.
     
  4. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    If you did not get the ISPConfig installer working, then you need to raise the issue providing what you have done leading to that issue.
     
  5. Chris Capitana

    Chris Capitana New Member

    Thanks, I will try to do that. Will there be any way I can proceed at the point I got stuck? Everything seems working fine, other than that. Thanks in advance.
     
  6. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Simply update ISPConfig and choose to create LE SSL during that process and tell us how it goes.
     
    Chris Capitana likes this.
  7. Chris Capitana

    Chris Capitana New Member

    Thanks, I did an update and reinstalled SSL certificates. Because I also asked this question in the ISPConfig forum (I thought my first post in the Linux forums was misplaced) Th0m suggested it would be the use of the acme.sh
    I think you are correct. Although I also have certbot installed with with snap.
    This is in /.acme.sh
    Code:
    root@host:~/.acme.sh# ls
    account.conf  acme.sh  acme.sh.env  ca    deploy    dnsapi    host.<mydomain>.com  http.header    notify
    And the files in my host.<mydomain>.com folder:
    Code:
    root@host:~/.acme.sh# cd host.<mydomain>.com
    root@host:~/.acme.sh/host.<mydomain>.com# ls
    host.<mydomain>.com.conf    host.<mydomain>.com.csr  host.<mydomain>.com.csr.conf  host.<mydomain>.com.key
    root@host:~/.acme.sh/host.<mydomain>.com#
    
    Any thoughts on how to solve this?

    I think I should be using .acme.sh instead of certbot if I understood correctly.
    If I check the SSL certificate in the browser of my ISPConfig install it says:
    host.<mydomain>.com
    Root certificate authority
    This root certificate is not trusted​
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

Thread Status:
Not open for further replies.

Share This Page