I recently added a new site in ISPConfig 3 and as usual I checked to box for letsencrypt as shown below ... However when I get errors from my browsers that the site is insecure I check back and lo and behold the options are now unchecked So question is where does letsencrpt store the certificate files? If it is indeed broken can it be fixed without any drastic measures? PS: Webmail appears to be broken as well which mostly dates back to the issue I had when Ubuntu 22.04 update that updated Maria Database at the same time and messed things up a bit. which I posted about at the time. If it comes to the worse scenario is there a possble to remove and reinstall ISPConfig to default settings whilst retaining my sites, email accounts DNS, etc?
Here is a checklist. Follow it step-by-step to narrow down the reason why LE refused to issue a cert: https://forum.howtoforge.com/threads/lets-encrypt-error-faq.74179/
It seems as if the domain can't be verified ????? Log File: Code: root@server2:~# /usr/local/ispconfig/server/server.sh 10.06.2024-03:13 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. 10.06.2024-03:13 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock finished server.php. root@server2:~# /usr/local/ispconfig/server/server.sh 10.06.2024-03:15 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. 10.06.2024-03:15 - DEBUG [server:177] - Found 1 changes, starting update process. 10.06.2024-03:15 - DEBUG [plugins.inc:118] - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 10.06.2024-03:15 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: chattr -i '/var/www/clients/client0/web34' - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: chattr +i '/var/www/clients/client0/web34' - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: df -T '/var/www/clients/client0/web34'|awk 'END{print $2,$NF}' - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: setquota -u 'web34' '0' '0' 0 0 -a &> /dev/null - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: setquota -T -u 'web34' 604800 604800 -a &> /dev/null - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: chattr +i '/var/www/clients/client0/web34' - return code: 0 10.06.2024-03:15 - WARNING - Could not verify domain teotwawki.org, so excluding it from letsencrypt request. 10.06.2024-03:15 - WARNING - Could not verify domain www.teotwawki.org, so excluding it from letsencrypt request. 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 10.06.2024-03:15 - DEBUG [apache2 plugin.inc:1440] - Add server alias: www.teotwawki.org 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: chattr -i '/var/www/php-fcgi-scripts/web34/.php-fcgi-starter' - return code: 0 10.06.2024-03:15 - DEBUG [apache2 plugin.inc:1601] - Creating fastcgi starter script: /var/www/php-fcgi-scripts/web34/.php-fcgi-starter 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: chattr +i '/var/www/php-fcgi-scripts/web34/.php-fcgi-starter' - return code: 0 10.06.2024-03:15 - DEBUG [apache2 plugin.inc:1891] - Writing the vhost file: /etc/apache2/sites-available/teotwawki.org.vhost 10.06.2024-03:15 - DEBUG [apache2 plugin.inc:2009] - Apache status is: running 10.06.2024-03:15 - DEBUG [services.inc:56] - Calling function 'restartHttpd' from module 'web_module'. 10.06.2024-03:15 - DEBUG [system.inc:2083] - Trying to use Systemd to restart service 10.06.2024-03:15 - DEBUG [system.inc:2430] - safe_exec cmd: systemctl is-enabled 'apache2' 2>&1 - return code: 0 10.06.2024-03:15 - DEBUG [web module.inc:246] - Restarting httpd: systemctl restart apache2.service 10.06.2024-03:15 - DEBUG [apache2 plugin.inc:2012] - Apache restart return value is: 0 10.06.2024-03:15 - DEBUG [apache2 plugin.inc:2023] - Apache online status after restart is: running 10.06.2024-03:15 - DEBUG [modules.inc:240] - Processed datalog_id 3481 10.06.2024-03:15 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock finished server.php. root@server2:~#
Check the DNS of this domain to ensure it points to the IP address of this server for the domain itself and the www subdomain.
DNS and Domain Health Reports I'm starting to get the feeling that I may have to bite the bullet and start again with freshly installed server?
No, there is no reason to do that for such a let's encrypt error. 1) Do you get the right server when you try accessing the domain name in a web browser? 2) Have you tried disabling the Let's Encrypt check under System > Server config > Web and then enabling Let's Encrypt checkbox of the website again? 3) Do you use any custom rules in the apache or Nginx directives field that might prevent access to the .well-known/ folder?
Are you sure that website is working? If it shows the default page, replace the text with something else and see if it changes what the browser shows. If this does not help, follow again carefully the Let's Encrypt FAQ.
