installed latest debian 9 following the latest minimal server doku installed then following the latest perfect server with apache for debian 9 and the ispconfig manual added server to latest ispconfig multiserver enviorement latest updates installed added website without ssl so long all went fine, default ispconfig new website shows, auto subdomain works checked ssl and let's encrypt tried to call new website with ssl, no ssl support, the checks for ssl an let's encrypt have disapeared retried check ssl and let's encrypt, no succsess what's wrong need help/hint thanks Rainer P.S. This worked last year with older ispconfig versions
You have to find out why Let's Encrypt fails to get certificate, and then fix that. Use this procedure: https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/
Got FAQ response Debug log says WARNING - Could not verify domain but when I use https://certbot.eff.org/lets-encrypt/debianjessie-apache this decription I can get a cerificate. Where is the difference in checking the domain between what cerbot does an ispconfig does. tried this on an older server where it worked last year but no more with the latest ispconfig version. Thanks Rainer
The difference is that ispconfig connects from your server and certbot connects from outside of your server. when your server is behind a nat router which forbids access from inside the network to a domain, then the ispconfig check must fail and for such cases, the check can be disabled. but you must be aware that you will have to take care manually now that all domains really exist as a cert will fail now if a single domain is not ok in dns.