On a customers server I can not create a cert fpr ISPConfig on port 8080. Single server system Letsencrypt Certs for 2 new websites are issued without a problem and works fine. ISPConfig 3,.2.5 on port 8080 has a self signed cert. So I tried as I learned an ISPConfig update with --force as it worked on other servers, but I get an self signed cert again. The servers IP is correct resolved by DNS, The reelevant lines from letsencrypt log should be Code: Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: me-web.max-eckstein.de Type: connection Detail: Fetching http://me-web.max-eckstein.de/.well-known/acme-challenge/8W3KbYKW1x-7wTxgV1btvl5mOmr3PY2IIp5Zx0ssDMk: Connection refused Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet. 2021-07-12 07:59:56,163:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 181, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-07-12 07:59:56,163:DEBUG:certbot._internal.error_handler:Calling registered functions 2021-07-12 07:59:56,164:INFO:certbot._internal.auth_handler:Cleaning up challenges 2021-07-12 07:59:56,164:DEBUG:certbot._internal.plugins.webroot:Removing /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/8W3KbYKW1x-7wTxgV1btvl5mOmr3PY2IIp5Zx0ssDMk 2021-07-12 07:59:56,164:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up 2021-07-12 07:59:56,164:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/snap/certbot/1280/bin/certbot", line 8, in <module> sys.exit(main()) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/main.py", line 1574, in main return config.func(config, plugins) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/main.py", line 1435, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/main.py", line 128, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/client.py", line 445, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/client.py", line 375, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/client.py", line 425, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/snap/certbot/1280/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 181, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-07-12 07:59:56,166:ERROR:certbot._internal.log:Some challenges have failed Do not know whats going wrong, as ports 80, 443 and 8080 are mapped to the correct private address and I can access the websites with valid certs and the ISPConfig portal via external server https://address:8080 al well with https://servername.domain.tld:8080 but with a unsecure warning in case of the self signed cert. Server ist DEBIN 10 latest patches Thanks for any help
LE tried to reach your server under domain http://me-web.max-eckstein.de and this failed. Check DNS records (IPv4 and IPv6) and if you just added these DNS records, wait some time. And check that you have not blocked port 80 in a firewall and if this server is behind a router, take care that you forwarded port 80 from the router to the server. Btw., that's all covered in the FAQ: https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/
http://me-web.max-eckstein.de works fine and showed the default apache site index.html under /var/www. I created a new index.html and did a refresh and it showed the new page. As written the certs for the web sites max-eckstein.de www.max-eckstein.de as mezargen.de and www.mezargen.de were created fine while the last 2 are redirected to max-eckstein.de working fine. you can try yourself http://me-web.max-eckstein.de will show text "dummy website", while the http;//max-eckstein.de and the 3 others will be rerdirected to https://max-eckstein.de as configured and will show "hello world" thanks for your quick response P.S. the DNS entry for me-web.max-eckstein.de was created last friday so thats should be enough time
