I am running latest ISPconfig 3 on Debian 9 with perfect server setup (minus the email setup, which I outsourced). SSL with Let's Encrypt works easily on all the sites and domains I configure (running 3 other domains + some extra apps attached to some of them), but there is one domain which for some reason just doesn't work. SSL itself gets created in /etc/letsencrypt live and renewal config are both there for that domain. I can't find any lets encrypt errors, no errors on ispconfig, no system errors If i navigate to https://problemdomain.com it actually shows that I am using certificate for anotherdomain-on-same-server.com thus unsecure. After I enable LE on ISPconfig the check marks just disappear after getting 'applied'. The .vhost file doesn't include the SSL config for that domain for some reason. All DNS records are more or less configred in exactly the same way as other domains that work, but I wouldn't assume its to do with DNS since the certificate actually gets created, meaning it gets verified? What could be the issue? What should I troubleshoot?
Most likely DNS problem on that particular domain. When ISPConfig/Letsencrypt/Cert fails it directs all browser traffic to first folder under /var/www/ directory hence the cert error you see. I recommend creating a site named something like 1.your-ispconfig-server.com that takes all the cert error traffic with explanation what went wrong (like this: http://1.ic4.eu/ ) Check DNS records on the domain that failed and fix them. Code: dig @1.1.1.1 failed-domain.com Letsencrypt - Cursed be thy name.