Hey everyone, this morning, I came across some strange behaviour with Let'sEncrypt. First: All of a sudden, my services completely restarted. I thought "Well, might happen sometimes" and didn't think any of it, continues writing my mails when suddenly my mail client reported "SMTP server unreachable". Long story short: After analysis, my Apache log finally gave me a clue: "Private key and certificate do not match". It revoked the old certificate and issued a new, using certbot-auto certbot-auto certonly --standalone -d kirito.ennabe.de Now, the certificate got issued and everything LOOKED fine, but when I replaced the existing self-signed certs with the LE ones (using ln -s), I still got the message "[...] do not match" What's going on? Am I too dumb to correctly configure the server? I have checked DNS settings, everything is fine, so DNS is pretty much ruled out. Thank you very much in advance. Kind Regards Zero
Assuming this is ispconfig 3.1? For the website problem(s), do you have any values entered under the SSL tab for that website(s)? Was the apache message for the same domain as your mail server? Ie. did you add that domain as a website, enable letsencrypt for it, and also use that same certificate in /etc/letsencrypt/live/domain.tld/ for the mail server? If so the previous question about if there's anything (key/certificate/chain) entered under SSL tab would also be relevant to the mail server.