- We migrated with the migration tool. - ISPConfig version before was 3.2.3 with certbot (certbot-auto) - new ISPConfig with installed with acme.sh and now in version 3.2.5, certficates work for newly created websites - migration worked fine, I read, that the LE-certificates can't be copied - now I want to get new certificates for migrated websites (e.g. example.de), acme.sh-log says, that everything works and certs are created in /root/.acme.sh/example.de/... - BUT: the certificate can't be loaded when browsing the website -> checkboxes for SSL and Let'sEncrypt are unchecked again Do I miss anything? Where do I find more logs, since I don't see any errors :-( Thanks in advance ...
1. Please read before posting! 2. Let’s Encrypt Error FAQ Try to follow prescribed steps in #2 above.
So, acme.sh could not write files to /var/www/example.de/ssl/example.de-le.crt and ~.key .... because there were already links to before issued LE-certificates from certbot-installation. After removing those links and reissuing all certs for the corresponding websites, everythings works out. Wouldn't it be nicer to not copy over those certbot-links, when acm.sh-version of LE is installed on target server?
Thank you, sorry for not going with the guideline. Actually we were upo to all of that from the FAQ. acme.sh-log just stopped, when trying to copy over the certs to the corresponding place that I mentioned above. Finally it works, but was first a little creepy, since there was no error reported in any log.
No worries. I noted it is a little bit problematic if one migrated to new server that is using acme.sh while the old one is using certbot.
It seemed like thjat .. .actually I was prepared for errors, but as I said, no errors reported is always kind of a hazzle. Now it works, thanks anyway for answering
I would actually like to join in on this issue - I also used the migration Toolkit and also did the certbot->acme transfer the /var/www/example.de/ssl was non-empty even though I used: Code: ./migrate --skip-letsencrypt As per advice here^. Is there some way to really not copy the SSL directory contents via the rsync so once we login to the webadmin we can manually just tick to create the new letsencrypt certificates from scratch? I worked around it by deleting the contents of those SSL folders but it's far from ideal and if somebody has 100+ websites it would be outright painful.
