Hello, i am using debian 11 and latest version of ispconfig. All works fine, i am using LE for all my sites and works fine. But every night in ssl check in lets encrypt log i can see Code: [Tue 01 Feb 2022 12:43:01 AM CET] di='/root/.acme.sh/hd518.hostname/' [Tue 01 Feb 2022 12:43:01 AM CET] d='hd518.hostname' [Tue 01 Feb 2022 12:43:01 AM CET] Using config home:/root/.acme.sh [Tue 01 Feb 2022 12:43:01 AM CET] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue 01 Feb 2022 12:43:01 AM CET] DOMAIN_PATH='/root/.acme.sh/hd518.hostname' [Tue 01 Feb 2022 12:43:01 AM CET] Renew: 'hd518.hostname' [Tue 01 Feb 2022 12:43:01 AM CET] Le_API='https://acme-v02.api.letsencrypt.org/directory' [Tue 01 Feb 2022 12:43:01 AM CET] Using config home:/root/.acme.sh [Tue 01 Feb 2022 12:43:01 AM CET] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue 01 Feb 2022 12:43:01 AM CET] Skip invalid cert for: hd518.hostname[Tue 01 Feb 2022 12:43:01 AM CET] Return code: 2 [Tue 01 Feb 2022 12:43:01 AM CET] Skipped hd518.hostname How can i fix it? And set lets encrypt for hostname?
Maybe this could be with DNS problems? I step by step my vps a few months ago via this tutorial and all works fine https://www.howtoforge.com/perfect-server-debian-10-buster-apache-bind-dovecot-ispconfig-3-1/ . I access to my ISPCONFIG or webmail, phpmyadmin via IP address of vps, so example https://MyIP:8080/index.php When i type my hostname to browser, o get DNS_PROBE_FINISHED_NXDOMAIN. Maybe i should add in ispconfig in DNS zone A records for my hostname? Not sure why, but everyhting else works fine, just can not found reason why i can see this message in LE logs.
The Let's Encrypt Error FAQ should help finding what is wrong with LE: https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/ If you suspect DNS errors, fix them first because if DNS is wrong LE can not give the certificate. Is the hd518.hostname a placeholder name because you want to hide the real FQDN? If hd518.hostname is the actual hostname, that can not work with LE since .hostname is not a real top level domain. My signature has link to DNS setup tutorial, it has info on troubleshooting DNS problems.
Thank you. My hostname is hd518.hostname.net hostname.net is not working in internet, because this is URL of my provider where i have hosted dedicated server. I check what you wrote, but maybe i should try to create new nameservery in my domain provider, add new nameservers in ispconfig?
If your domain provider offers name service, use that. It is easier that setting up your own two name servers (see my signature on Tutorial what name service setup involves). You can not get LE certificates before your host is properly set up in name service, no matter where that name service is running.
Thank you so much. For clarification with hidden information, my provider of dedicated server is myprovider.com. I bought there a few months ago dedicated server which get after create name myds15. After i did installation of debian 11 with ispconfig, all works fine, lets encrypt for domains working fine, renew of LE etc. But as my hostname of dedicated server is provider name, in this case is hostname of my server myds15.myprovider.com This name i can see as host of my dedicated server in ispconfig. This url is not working, is not in DNS, in browser get just DNS_PROBE_FINISHED_NXDOMAIN All works fine, only problem is that in LE log i can see [Tue 01 Feb 2022 12:43:01 AM CET] Skip invalid cert for: myds15.myprovider.com[Tue 01 Feb 2022 12:43:01 AM CET] Return code: 2 [Tue 01 Feb 2022 12:43:01 AM CET] Skipped myds15.myprovider.com Maybe because this i can not get SSL for my ispconfig, ISPConfig i can see via IPofMyServer:8080/index.php
Does your host show correct hostname for commands Code: hostname hostname -f If it does, ISPConfig can get the LE certificate when the hostname is in name service. Try asking that provider how you can get name service for your hostname.
My preference is always to use my own domain for my server e.g. sub.domain.tld as provider domain may be used too many times in applying LE certs and that may cause failure in obtaining or renewing them.
Thank you. So do you think that best solution is in nameservers admin create fo example non exist subdomain ds.mydomain.com, set A record to my deticated server and in ISPconfig page manager add this ds.mydomain.com as new domain? And change hostname in /etc/hosts /etc/postfix/main.cf /home/admispconfig/ispconfig/lib/config.inc.php /root/ispconfig/httpd/conf/httpd.conf /etc/hostname ?