ISPConfig fresh installation on Debian 10, but acme.sh failed to issue certificate

Discussion in 'Installation/Configuration' started by muhamad, Aug 25, 2021.

Tags:
  1. muhamad

    muhamad New Member

    We follow this tutorial, https://www.howtoforge.com/perfect-server-debian-10-nginx-bind-dovecot-ispconfig-3.1/ except we skipped installing Jailkit, Mailman, and Roundcube. When we did ISPConfig installation, we got the following messages:
    req: Can't open "smtpd.key" for writing, No such file or directory
    PHP Warning: symlink(): No such file or directory in /tmp/ispconfig3_install/install/lib/installer_base.lib.php on line 2827​
    and when we answered "y" on SSL question, we got these messages:
    Checking / creating certificate for our.hostname
    Using certificate path /root/.acme.sh/our.hostname
    Using nginx for certificate validation
    acme.sh is installed, overriding certificate path to use /root/.acme.sh/our.hostname
    [Wed 25 Aug 2021 05:33:49 AM WIB] Please add '--debug' or '--log' to check more details.
    [Wed 25 Aug 2021 05:33:49 AM WIB] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
    Issuing certificate via acme.sh failed. Please check that your hostname can be verified by letsencrypt
    Could not issue letsencrypt certificate, falling back to self-signed.​
    We have checked the our.hostname with https://tools.letsdebug.net/, everything is okay. Note:
    1. In the explanation above, we replaced our real domain with "our.hostname"
    2. This is 2nd installation, after the 1st one failed. We deleted /usr/local/ispconfig & dbispconfig database in MySQL, before 2nd installation.
     
    Last edited: Aug 25, 2021
    muhamad, Aug 25, 2021
    #1
  2. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Right now there is a problem with letsencrypt in the stable branch, try installing the nightly build.
     
    Jesse Norell, Aug 25, 2021
    #2
    muhamad, ahrasis and chief like this.
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    Run the command:

    ispconfig_update.sh

    choose nightly build during update like @Jesse Norell mentioned already and when the updater asks to recreate the SSL cert, choose yes.
     
    till, Aug 25, 2021
    #3
    muhamad and chief like this.
  4. chief

    chief Member HowtoForge Supporter

    I went through the same issue, spent days and days trying different ways. Till, Norell and others helped and contributed to my same issue.
    Install isp, follow the setup tutorial to the letter, then on panle, web01 (where in tutorial it states to press enter) these are the servers you will need to
    Code:
    ispconfig_update.sh --force
choose nightly
    as till suggests, you may also need to delete the self signed cert which is in
    Code:
    //usr/local/ispconfig/interface/ssl/
    and delete all ispconfig.* files.
    then retry
     
    chief, Aug 25, 2021
    #4
    muhamad likes this.

Share This Page