acme SSL httpd issue

Discussion in 'Installation/Configuration' started by jnewman67, Apr 14, 2025.

  1. jnewman67


    CentOS, ISPConfig3...

    So my SSL cert for my domain hasn't been valid for a while. I finally realized that I had an alias domain that I did not have DNS set up for. I fixed that, reran the crontab command to update the acme certificates, and it started working.
    I then checked another domain and realized it had a similar issue, so I did the same thing, and it started working.
    But then my original domain was no longer loading correctly. Rerunning the acme cron command, it gave the following message:
    Code:
    -----END CERTIFICATE-----
    [Mon Apr 14 12:17:37 EDT 2025] Your cert is in: /root/.acme.sh/myexample.com/myexample.com.cer
    [Mon Apr 14 12:17:37 EDT 2025] Your cert key is in: /root/.acme.sh/myexample.com/myexample.com.key
    [Mon Apr 14 12:17:37 EDT 2025] The intermediate CA cert is in: /root/.acme.sh/myexample.com/ca.cer
    [Mon Apr 14 12:17:37 EDT 2025] And the full-chain cert is in: /root/.acme.sh/myexample.com/fullchain.cer
    [Mon Apr 14 12:17:37 EDT 2025] Your pre-generated key for future cert key changes is in: /root/.acme.sh/myexample.com/myexample.com.key.next
    [Mon Apr 14 12:17:37 EDT 2025] Installing cert to: /var/www/clients/client11/web15/ssl/myexample.com-le.crt
    [Mon Apr 14 12:17:37 EDT 2025] Installing key to: /var/www/clients/client11/web15/ssl/myexample.com-le.key
    [Mon Apr 14 12:17:37 EDT 2025] Installing full chain to: /var/www/clients/client11/web15/ssl/myexample.com-le.bundle
    [Mon Apr 14 12:17:37 EDT 2025] Running reload cmd: service httpd force-reload
    Reloading httpd:                                           [FAILED]
    [Mon Apr 14 12:17:37 EDT 2025] Reload error for: myexample.com
    [Mon Apr 14 12:17:37 EDT 2025] Error renewing myexample.com.
    [Mon Apr 14 12:17:37 EDT 2025] ===End cron===
    [root@dns ~]# netstat -tulpn | grep :80
    [root@dns ~]# service httpd start
    Starting httpd: [Mon Apr 14 12:17:56 2025] [warn] NameVirtualHost *:443 has no VirtualHosts
    [Mon Apr 14 12:17:56 2025] [warn] NameVirtualHost *:80 has no VirtualHosts
                                                               [  OK  ]
    
    Clearly, the certificate is getting generated correctly, but the forced reload of apache fails. I rebooted the machine, and now neither site will load as secure. It doesn't appear that any certificate is being sent to the browser.
    When I open the domain settings, both domains have SSL and Let's Encrypt checked. I had only checked Let's Encrypt, so I'm assuming ISPConfig checked the SSL box. On the SSL tab, neither field is populated, which I assume is also correct.
    I can see the SSL references in the /etc/httpd/conf/sites-available/myexample.com.vhost.err file under the <IfModule mod_ssl.c> section.
    /etc/httpd/conf.d/ssl.conf shows that ssl_module is defined as module/mod_ssl.so.
    I checked httpd -M and it states ssl_module (shared) is installed.
    Thoughts on why httpd isn't delivering a certificate that has clearly been stored in the correct location?
    EDIT:
    So I just realized that /etc/httpd/conf/sites-available/myexample.com.vhost.err is an ERROR file. I assume this is the configuration that was created but could not be installed because the httpd force-reload failed. I manually renamed it to remove the ".err" on the name, and restarted httpd manually, and the domain is not secure (certificate being pushed).
    I answered my own question, but thought I'd leave the solution here for someone else.
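
The symptom in the post above (acme.sh reports "Reload error for:" while the site's vhost sits in sites-available with an ".err" suffix) can be checked for mechanically. The script below is an added example, not part of the original post and not ISPConfig or acme.sh code; the function names and the sample log and directory it builds are constructed for illustration, following the log format and file naming shown in the post.

```shell
#!/bin/sh
# Added example: correlate acme.sh reload failures with parked ".vhost.err" files.

# Print each domain named in a "Reload error for: <domain>" line of acme.sh output.
reload_failures() {
    sed -n 's/^\[[^]]*\] Reload error for: \(.*\)$/\1/p' "$1" | sort -u
}

# For each failed domain, report the state of its vhost file in directory $2.
# Output lines: "<domain> parked" (only .vhost.err exists),
#               "<domain> active" (.vhost exists), "<domain> missing" (neither).
vhost_status() {
    log=$1
    dir=$2
    reload_failures "$log" | while IFS= read -r d; do
        if [ -f "$dir/$d.vhost" ]; then
            echo "$d active"
        elif [ -f "$dir/$d.vhost.err" ]; then
            echo "$d parked"
        else
            echo "$d missing"
        fi
    done
}

# Constructed sample: three log lines in the format quoted in the post, and a
# sites-available directory holding only the ".err" copy of the vhost.
demo() {
    tmp=$(mktemp -d)
    cat > "$tmp/acme.log" <<'EOF'
[Mon Apr 14 12:17:37 EDT 2025] Running reload cmd: service httpd force-reload
[Mon Apr 14 12:17:37 EDT 2025] Reload error for: myexample.com
[Mon Apr 14 12:17:37 EDT 2025] Error renewing myexample.com.
EOF
    mkdir "$tmp/sites-available"
    : > "$tmp/sites-available/myexample.com.vhost.err"
    vhost_status "$tmp/acme.log" "$tmp/sites-available"
    rm -rf "$tmp"
}

demo
```

A domain reported as "parked" has a certificate on disk but no loaded vhost to serve it. After restoring the file, `httpd -t` checks the configuration syntax before the restart.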
     
