When in ISPConfig > Sites > newdomain.com I try to place checkmark on Let's Encrypt SSL, this is what I get: I was able to make 2 SSLs for other 2 domains earlier this month. My client updated nameservesrs to our servers about 12-hours ago. "old copy of letsencrypt-auto" is just warning - not an issue here. What is causing "Challenge failed for domain"? Any ideas how to fix? root@server:~# /usr/local/ispconfig/server/server.sh You are running with an old copy of letsencrypt-auto that does not receive updates, and is less reliable than more recent versions. The letsencrypt client has also been renamed to Certbot. We recommend upgrading to the latest certbot-auto script, or using native OS packages. Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for www.newdomain.com Waiting for verification... Challenge failed for domain www.newdomain.com http-01 challenge for www.newdomain.com Cleaning up challenges Some challenges have failed. finished server.php.
Please see for the steps to debug your issue and what to test: https://forum.howtoforge.com/threads/lets-encrypt-error-faq.74179/ Challenge failed means that let's encrypt could not reach your server through the domain, so most likely the domain is not pointing to the system yet correctly or some DNS caches might not have been updated yet.
Thank You @till I had to add additional DNS entry "www" A www 123.456.78.9 0 3600 After this was added, there was no more issues with SSL creation within ISPConfig.
In case you don't want to use www subdomain, then set auto subdomain to none in a website. if auto subdomain is set to www, then a DNS record must exist for the www subdomain as well if you want to get a SSL cert as the SSL cert always includes all sub- and alias domains of a website.
