Can't enable Let's Encrypt on server domain

Hello,

Few months ago I have secured my server following this tutorial

Securing ISPConfig 3.1 With a Free Let's Encrypt SSL Certificate
https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/

Everything was working well until few days ago when the server stop using the Let's Encrypt certificate.

I try to re enable it with Let's Encrypt SSL checkbox on the website configuration without any success.

When I check the Let's Encrypt log I have this indication

2020-07-28 21:14:04,124:INFO:certbot.renewal:Cert not yet due for renewal
2020-07-28 21:14:04,124:INFO:certbot.main:Keeping the existing certificate

So if I well understand my certificate is valid but I can assign it to my server domain.

Where can I find a log with a little more explanation about this issue ?


Best Regards
Nexus

 

No checkbox remain unticked but the SSL one is ticked

 

Use Lets Encrypt error faq to find out why issuing certificate fails:
https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/

 

Thanks @Taleman

The certbot is well installed and working.
Yesterday I have mounted a new website on my server and I was able to generate a Let’s Encrypt SSL certificate for this domain without any problem.

When I have secured my server with the tutorial "Securing ISPConfig 3.1 With a Free Let's Encrypt SSL Certificate"
I had to create a website for my server domain "server.os.mydomain.tld" to be able to generate the Let's Encrypt SSL Cert.
After that server.os.mydomain.tld & server.os.mydomain.tld:8080 had both a Let's Encrypt SSL Cert.
The "Let's Encrypt SSL" checkbox was ticked.

But now I have the cert with server.os.mydomain.tld:8080 but not on server.os.mydomain.tld and the "Let's Encrypt SSL" checkbox is not ticked.

That really strange because
on https
mydomain.tld I have a Let's Encrypt SSL Cert valid until 2020-09-25.
server.os.mydomain.tld:8080 I have a Let's Encrypt SSL Cert valid until 2020-09-27.
server.os.mydomain.tld I have the Let's Encrypt SSL Cert from the first domain in the Website section.

On my mailer
server.os.mydomain.tld:143 I have an expired Let's Encrypt SSL Cert since 2020-07-28?

I do not have any website on server.os.mydomain.tld but I use it only for emails purposes.

This is the Let’s Encrypt log

Code:

2020-07-31 15:24:02,930:DEBUG:certbot.main:certbot version: 0.27.0
2020-07-31 15:24:02,932:DEBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'server.os.mydomain.tld', '--webroot-path', '/usr/local/ispconfig/interface/acme']
2020-07-31 15:24:02,932:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-07-31 15:24:02,942:DEBUG:certbot.log:Root logging level set at 20
2020-07-31 15:24:02,943:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-07-31 15:24:02,944:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-07-31 15:24:02,944:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f6d7fa28908>
Prep: True
2020-07-31 15:24:02,945:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f6d7fa28908> and installer None
2020-07-31 15:24:02,945:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2020-07-31 15:24:02,952:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/84130946', new_authzr_uri=None, terms_of_service=None), 191ddb6a6d867caf9368f5ed8b76aacf, Meta(creation_dt=datetime.datetime(2020, 4, 22, 10, 1, 8, tzinfo=<UTC>), creation_host='server.os.mydomain.tld'))>
2020-07-31 15:24:02,953:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2020-07-31 15:24:02,955:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2020-07-31 15:24:03,567:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2020-07-31 15:24:03,569:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 31 Jul 2020 13:24:03 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "_wXDkyBWYes": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2020-07-31 15:24:03,631:INFO:certbot.renewal:Cert not yet due for renewal
2020-07-31 15:24:03,631:INFO:certbot.main:Keeping the existing certificate

When I enable the server debug mode I get this message when I try to generate the server Let’s Encrypt certificate
"Let's Encrypt Cert file: does not exist."

My Unix Admin and SSL knowledges do not let me understand what going on here

 

Hello,
A friend solved my problem.
Thanks all for your help.