Yeah, everything is up to date. I have run both apt-get update and apt-get upgrade and there was nothing to update
Hi, Th0m Looks like that might be the issue, The output is below. How would I resolve this? Code: Create new ISPConfig SSL certificate (yes,no) [no]: yes Checking / creating certificate for server1.dutyhosts.net Using certificate path /root/.acme.sh/server1.dutyhosts.net Server's public ip(s) (185.144.158.127, 2a07:3b80:0:3d37:3f12:6885:96af:53f5) not found in A/AAAA records for server1.dutyhosts.net: 104.21.45.29, 172.67.208.54, , Ignore DNS check and continue to request certificate? (y,n) [n]: y Using apache for certificate validation [Wed 27 Jan 2021 06:57:16 PM UTC] server1.dutyhosts.net:Verify error:Invalid response from http://server1.dutyhosts.net/.well-known/acme-challenge/cQrfIycQLGgTVxl1zXTTJrBHKPPIb6nbjCYQcxhposA [2606:4700:3035::6815:2d1d]: [Wed 27 Jan 2021 06:57:16 PM UTC] Please check log file for more details: /var/log/ispconfig/acme.log Issuing certificate via acme.sh failed. Please check that your hostname can be verified by letsencrypt Could not issue letsencrypt certificate, falling back to self-signed. Generating RSA private key, 4096 bit long modulus (2 primes) ..........................................++++ .++++ e is 65537 (0x010001)
Alright, so the DNS records for server1.dutyhosts.net do not point to the correct IP. It will create a self signed cert that should work, but you are not accesing the correct server, so you are debugging the wrong system. Fix the DNS records.
Unless I'm missing something the DNS record is correct Although the DNS checker shows what i presume to be the Cloudflare IPs.
Sure this is attached. but even if the issue was with the hostname DNS wouldn't the server IP still give access? (https://185.144.158.127:8080/index.php)
Still no luck, unfortunately. Code: Create new ISPConfig SSL certificate (yes,no) [no]: yes Checking / creating certificate for server1.dutyhosts.net Using certificate path /root/.acme.sh/server1.dutyhosts.net Using apache for certificate validation [Wed 27 Jan 2021 08:11:29 PM UTC] server1.dutyhosts.net:Verify error:Invalid response from http://server1.dutyhosts.net/.well-known/acme-challenge/SKQq0GWeTg7i4KqgBa31j_mKONX5lZKx_8id0tjjpmk [185.144.158.127]: [Wed 27 Jan 2021 08:11:29 PM UTC] Please check log file for more details: /var/log/ispconfig/acme.log Issuing certificate via acme.sh failed. Please check that your hostname can be verified by letsencrypt Could not issue letsencrypt certificate, falling back to self-signed. Generating RSA private key, 4096 bit long modulus (2 primes) ...........................................................................................................................................++++ .................................................................................++++ e is 65537 (0x010001)
Maybe https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6015#note_88284 ? That's just a guess, as your pasted message says, check /var/log/ispconfig/acme.log to see what it says.
Hi Jesse That doesn't seem to have worked, unfortunately. I have attached the acme log Code: Using certificate path /root/.acme.sh/server1.dutyhosts.net Using apache for certificate validation [Thu 28 Jan 2021 08:22:24 PM UTC] server1.dutyhosts.net:Verify error:Invalid response from http://server1.dutyhosts.net/.well-known/acme-challenge/IWmW4zG-tWTEofWqhRWh-zgkR0gt8Fbju3_Pl874UBE [185.144.158.127]: [Thu 28 Jan 2021 08:22:24 PM UTC] Please check log file for more details: /var/log/ispconfig/acme.log Issuing certificate via acme.sh failed. Please check that your hostname can be verified by letsencrypt Could not issue letsencrypt certificate, falling back to self-signed.
Try: Code: echo "this is a test" > /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/test.txt chown ispconfig:ispconfig /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/test.txt And see what you get requesting http://server1.dutyhosts.net/.well-known/acme-challenge/test.txt
What do you have in your apache access and error logs for that verification request (Thu 28 Jan 2021 08:22:24 PM UTC)?
The Access log shows. Code: ::1 - - [28/Jan/2021:08:19:02 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:20:01 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:20:02 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:21:01 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:22:01 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:23:01 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:24:02 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:25:01 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" ::1 - - [28/Jan/2021:08:25:02 +0000] "GET / HTTP/1.1" 200 10959 "-" "Mozilla/5.0 (ISPConfig monitor)" And the error log shows Code: [Thu Jan 28 00:00:05.816018 2021] [mpm_prefork:warn] [pid 38908] AH00167: long lost child came home! (pid 38920) [Thu Jan 28 08:32:37.575802 2021] [php7:error] [pid 42930] [client 111.179.52.234:60594] script '/var/www/html/index.php' not found or unable to stat
In your access log you'll find a request for '/.well-known/acme-challenge/IWmW4zG-tWTEofWqhRWh-zgkR0gt8Fbju3_Pl874UBE' from lets encrypt's verification server, unless maybe they have old dns info cached (cloudflare's ip?) and that's what's causing your problem.
Sorry i misread and noticed you put PM on the end ha How would this be resolved? Code: 3.128.26.105 - - [28/Jan/2021:20:22:22 +0000] "GET /.well-known/acme-challenge/IWmW4zG-tWTEofWqhRWh-zgkR0gt8Fbju3_Pl874UBE HTTP/1.1" 403 363 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" 34.211.6.84 - - [28/Jan/2021:20:22:22 +0000] "GET /.well-known/acme-challenge/IWmW4zG-tWTEofWqhRWh-zgkR0gt8Fbju3_Pl874UBE HTTP/1.1" 403 363 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" 52.28.236.88 - - [28/Jan/2021:20:22:22 +0000] "GET /.well-known/acme-challenge/IWmW4zG-tWTEofWqhRWh-zgkR0gt8Fbju3_Pl874UBE HTTP/1.1" 403 363 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" 66.133.109.36 - - [28/Jan/2021:20:22:22 +0000] "GET /.well-known/acme-challenge/IWmW4zG-tWTEofWqhRWh-zgkR0gt8Fbju3_Pl874UBE HTTP/1.1" 403 363 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"