I migrated a site from plesk to ispconfig3, but the site kept giving the generic http server test page. I noticed that its .vhost file did not contain the <VirtualHost *:443> section altogether. when I refreshed the file, toggled some options on the web page, ran re-sync and it still doesn't contain it. after deleting this file, the new one created still doesn't contain it. Of course I tried toggling the SSL and Let's Encrypt SSL options and nothing helped. In fact, even if I enable Let's Encrypt SSL, the next time that checkbox is empty again. the SSL checkbox is currently on, but the file doesn't have the 443 section at all. I created a fresh new site, and selected the same options, and that site's .vhost contains the correct VirtualHost file and the opens up fine (both php sites, same version that I installed (php 7.4), same PHP option, PHP-FPM) What could be wrong? How can I fix this migrated site? Update: The log shows interesing stuff.. Wed Dec 18 12:05:02 AM +03 2024 PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/server/li b/classes/cron.d/100-monitor_hd_quota.inc.php on line 136 Wed Dec 18 12:05:02 AM +03 2024 PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/server/li b/classes/cron.d/100-monitor_hd_quota.inc.php on line 164 Wed Dec 18 12:06:02 AM +03 2024 finished server.php. Wed Dec 18 12:07:01 AM +03 2024 xfs_quota: cannot set limits: Function not implemented Wed Dec 18 12:07:01 AM +03 2024 xfs_quota: cannot set timer: Function not implemented Wed Dec 18 12:07:01 AM +03 2024 /usr/bin/which: no letsencrypt in (/root/.local/share/letsencrypt/bin) Wed Dec 18 12:07:01 AM +03 2024 /usr/bin/which: no certbot in (/opt/eff.org/certbot/venv/bin) Wed Dec 18 12:07:01 AM +03 2024 /usr/bin/which: no letsencrypt in (/root/.local/share/letsencrypt/bin) Wed Dec 18 12:07:01 AM +03 2024 /usr/bin/which: no certbot in (/opt/eff.org/certbot/venv/bin) Wed Dec 18 12:07:01 AM +03 2024 Saving debug log to /var/log/letsencrypt/letsencrypt.log Wed Dec 18 12:07:02 AM +03 2024 An unexpected error occurred: Wed Dec 18 12:07:02 AM +03 2024 too many failed authorizations (5) for "www.problemsite.com" in the last 1h0m0s, retry after 2024-12-17 21:09:16 UTC: see https: //letsencrypt.org/docs/rate-limits/#authorization-failures-per-hostname-per-account Wed Dec 18 12:07:02 AM +03 2024 Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log o r re-run Certbot with -v for more details. Wed Dec 18 12:07:03 AM +03 2024 /usr/bin/which: no letsencrypt in (/root/.local/share/letsencrypt/bin) Wed Dec 18 12:07:03 AM +03 2024 /usr/bin/which: no certbot in (/opt/eff.org/certbot/venv/bin) Wed Dec 18 12:07:03 AM +03 2024 PHP Warning: Trying to access array offset on value of type bool in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php on line 512 Wed Dec 18 12:07:03 AM +03 2024 PHP Warning: Trying to access array offset on value of type bool in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php on line 517 Wed Dec 18 12:07:03 AM +03 2024 PHP Warning: Trying to access array offset on value of type bool in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php on line 518 Wed Dec 18 12:07:03 AM +03 2024 PHP Deprecated: file_exists(): Passing null to parameter #1 ($filename) of type string is deprecated in /usr/local/ispconfig/ser ver/lib/classes/letsencrypt.inc.php on line 526 Wed Dec 18 12:07:04 AM +03 2024 finished server.php. Btw, even though which says 'no xxxxxx (at some path)' these binaries exist at different places, in the path. like letsencrypt is at /bin/
Even if it may sound silly, but have you changed the DNS records as well? I'm assuming you migrated from the Plesk server to another server running ISPConfig, and did you wait long enough for the DNS records to propagate? Also make sure that acme.sh is installed on your server and check /var/log/ispconfig/acme.log for potential errors or warnings that may help to debug this issue. You may also need to change the loglevel in ISPConfig for more information. You can change that for a ISPConfig server in the UI via the menu item server config.
Many thanks! Indeed I didn't have acme.sh installed, but I just did. I just tried enabling the SSL and Let's Encrypt SSL options on, but the vhost still doesn't contain the word "443" at all. Maybe it has to do with the lets encrypt rejection since the site wasn't opening up properly before. I'll wait and see for tomorrow. Many thanks!
¹ I wonder how you migrated in the first place and how did you setup your ISPConfig server. ² There is an FAQ for Letsencrypt to help any one who is facing problems with its SSL certs issuance or renewal to troubleshoot. ³ Please learn to put code in code bracket, and quote in quote bracket so that they are easily readable.
As the log mentioned, you can not get a LE cert for that site at the moment as you hit their max authorization limit. If your server uses certbot, then do not install acme.sh. Installing a second LE client will break your setup. Yes, this is the whole reason for your problem. You can not request a LE cert for a site that is unreachable on the server, see also requirements in let's Encrypt error FAQ: https://forum.howtoforge.com/threads/lets-encrypt-error-faq.74179/ If you do it nonetheless, then Let's Encrypt will block you after a few attempts: https: //letsencrypt.org/docs/rate-limits/#authorization-failures-per-hostname-per-account
