followed https://forum.howtoforge.com/threads/reset-password-for-rspamd-weblogin.92799/ to change password of rspamd Now apache is down, no websites, no more ISPConfig See apache status below.Before everytging was secure with acme.sh and save <code> Mai 20 18:49:07 mike systemd[1]: Starting apache2.service - The Apache HTTP Server... Mai 20 18:49:07 mike apachectl[903816]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.vhost:7 Mai 20 18:49:07 mike apachectl[903816]: AH00526: Syntax error on line 65 of /etc/apache2/sites-enabled/000-ispconfig.vhost: Mai 20 18:49:07 mike apachectl[903816]: SSLCertificateFile: file '/usr/local/ispconfig/interface/ssl/ispserver.crt' does not exist or is empty Mai 20 18:49:07 mike apachectl[903812]: Action 'start' failed. Mai 20 18:49:07 mike apachectl[903812]: The Apache error log may have more information. Mai 20 18:49:07 mike systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE Mai 20 18:49:07 mike systemd[1]: apache2.service: Failed with result 'exit-code'. Mai 20 18:49:07 mike systemd[1]: Failed to start apache2.service - The Apache HTTP Server. </code> Need help urgent
The issue was not caused by setting the Rspamd password, it was just uncovered at that moment because this caused apache to be restarted. The underlying issue is that you seem to have removed the ISPConfig SSL certificate, as the certificate file /usr/local/ispconfig/interface/ssl/ispserver.crt is missing according to apache. So I guess you changed something regarding ISPConfig SSL certificate before and this removed the certificate. What did you change regarding ISPConfig SSL cert?
did nothing with ispconfig cert but I try a quick fix with setting the right path will be back in a moment
set the path to the certificate to /root/.acme.servername_ecc/ .key and .cer apache run smooth again changes made in ispconfig.vhost
The path /usr/local/ispconfig/interface/ssl/ispserver.crt is the right path. Do not alter it or your system will break again. If you are using acme.sh, then /usr/local/ispconfig/interface/ssl/ispserver.crt is the actual certificate. If you are using certbot, then /usr/local/ispconfig/interface/ssl/ispserver.crt is a symlink to the certificate in /etc/letsencrypt/live/.... folder.
I am using acme, and the path you notice is empty, the is no cert there. Had same problem with dovecot yesterday.
Enter the new password in ISPConfig and press save. if you enter it in Rspamd, then it can not change in ISPConfig as ISPConfig is not aware that you changed it in Rpsmad manually.
I hope you did not change the path in dovecot as your mail system will be down next then. The underlying reason is that you deleted the SSL certificate /usr/local/ispconfig/interface/ssl/ispserver.crt. To fix that, create that cert again by copying the certificate from acme.sh to that file. Also take care that the key exists there as /usr/local/ispconfig/interface/ssl/ispserver.key Then, ensure that you undo any changes you made in apache or the mail system regarding that path.
look here <code> ll /usr/local/ispconfig/interface/ssl/ insgesamt 44 drwxr-x--- 2 root root 4096 19. Mai 17:22 . drwxr-x--- 9 ispconfig ispconfig 4096 10. Mai 15:26 .. -rwxr-x--- 1 root root 768 17. Mai 16:12 dhparam4096.pem -rwxr-x--- 1 root root 45 17. Mai 16:12 empty.dir -rwxr-x--- 1 root root 2114 17. Mai 16:11 ispserver.crt-20250517141154.bak -rwxr-x--- 1 root root 2856 17. Mai 16:11 ispserver.crt-250517161519.bak -rwxr-x--- 1 root root 3272 17. Mai 16:11 ispserver.key-20250517141154.bak -rwxr-x--- 1 root root 227 17. Mai 16:11 ispserver.key-250517161519.bak -rw------- 1 root root 0 17. Mai 16:15 ispserver.pem -rwxr-x--- 1 root root 5386 17. Mai 16:11 ispserver.pem-20250517141154.bak -rwxr-x--- 1 root root 3083 17. Mai 16:11 ispserver.pem-250517161519.bak root@mike:/etc/apache2/sites-available# </code>
What shall I see there? The certificate and key were deleted on your system, this was clear from the beginning. So what you show there just confirms what I told you starting with post #2. Now you should start fixing it the way I described, as the way you worked around it using wrong paths will just cause your system to fail again soon, and before this happens, it's better to fix it correctly.
just calm, I deleted nothing. On the old server the directory has certs on there, the new server not at least not after the migration I will fix that as soon as possible, tomorrow or the day aft I will be able to do a snapshot on the server. I understand and thats fine, you have only one location for the cert and all others like postfix dovecot etc have symlinks to there. What I do not yet understand acme.sh has the certs under /roor/.acme/servername .. how to this relate to the certs under the ispconfig path. As I understand als system should have symlinks to certs under ispconfig/.../ssl/
I said the certificates were deleted; I did not say you intentionally deleted them. That they were there before is clear, as there are still some copies of earlier versions of the certificates in that folder. No, from my post above: You use acme.sh, so this shall not be a symlink! It shall be a copy of the certificate. And here from my other post what you shall do to fix that: So what you do is to copy the SSL certificate from acme.sh to /usr/local/ispconfig/interface/ssl/ispserver.crt and the key to /usr/local/ispconfig/interface/ssl/ispserver.key and then you fix the paths in config files you altered.
