Hello, Server is the perfect server ISPConfig 3.1.7p1 debian 8 has only two sites. One site works as expected but the second one which is OK when you visit https but it shows apache default when you try http. Here is some data hope you could help us. .vhost is attached. # hostname -f srv1.domain.com # hostname srv1 What could be wrong? Do I need to change the hostname. Thanks,
Yes, both sites has * in website --> IP address What I am trying to do is the first step in the following tutorial: https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ I think I need to create my "server website" that is different than the output of hostname -f. I am just confused. Thanks,
The server hostname should be what hostname -f returns. Did you check that the server hostname (the hostname -f result) points to the IP address of the server in DNS? Or does hostname -f returns a wrong hostname?
Thanks Till for the response, The following command returns what we expect as below: Code: # hostname -f srv1.domain.com Our DNS records has an A record that points "srv1.domain.com" to the public IP address. The question now is when you created the server's website as per https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ we used srv1.domain.com for the website is this correct? or what exactly you mean by create a server's website? By the way domain.com website works perfect as expected. Thanks in advance,
Yes, that's correct. I just noticed that you are using an older ISPConfig version, there were some issues with LE in the past,please update ISPConfig to 3.1.111 and try again to create the LE cert for the site.
Good day, I have updated the server to "ISPConfig 3.1.11" but still the same issue. I am not sure if I explained the problem properly. Here is it in a different way. 1- The ISPconfig3 server is a year old and it works with no issues as expected with one site domain.com 2- I want to secure the panel as per https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ 3- I understood from the "first step" that the proper way to setup a server in general is to have a server site. the site suppose to match exactly Code: hostname -f which is in my case srv1.domain.com 4- When done step 3, the LE certificate works, but the http shows the apache default page. Thus I did not continue the tutorial. ----------------- Some hints about my setup and my trials: - The server is on a private network and NATed to the public. - Code: /etc/hosts 127.0.0.1 localhost 192.168.60.3 srv1.domain.com srv1 - if I create a site like server1.domain.com (or anything different than srv1) both work, http and https. I think my issue is a poor planning from the beginning for lack of the best practice knowledge. I appreciate your input
Thanks for the quick response, I agree with you and I do not care about the http link, but is there a way to hide it to not appear? I tried redirect but it does not work. Cheers,
Sorry Till, I was not clear. I mean http://srv1.domain.com is showing the apache default page however the https://srv1.domain.com shows the correct ispconfig default page. How about using something different than srv1 like server1.domain.com When I tested that the both http and https work and shows the default ispconfig page and the redirect from http to https works. Is there anything wrong doing this? I am not sure about the best practice, specially it is a production server and I do not like to mess up the clients. Thanks again,
Ah ok, I understand the problem now Please take a look into the apache default vhost file and there in the <VirtualHost ......> line. If you have <VirtualHost *:80> there, you can try to change it to <VirtualHost _default_:80> and then restart apache.
First I thought the problem was solved but after I cleared the cache. I figured it is still the same issue. http shows apache default page https shows the ispconfig default page with the green lock from Let's Encrypt. I wonder if there is other option with _default_ Thanks in advance,
