Let's Encrypt goes crazy?

Discussion in 'Installation/Configuration' started by kameleon1er, Jun 1, 2023.

  1. kameleon1er

    kameleon1er Member

    Hi guys, it's been a while :)

    I'm still having problems with my Let's Encrypt SSL certificates.

    Now, in my web browser, if I connect to my ispConfig console, the browser tells me that there is a valid certificate for "srv-b.democrasite.com" = my machine's name, which I didn't have before. No warning, then, and the little padlock appears.

    On the other hand, all the sites then declared in ispConfig > Sites > domains or domain aliases don't work properly, giving me a warning in the browser that I don't have a valid certificate.

    And for a domain alias that should point to my Wordpresse multisite installation, it doesn't work at all; ianpatrickimages.com.

    Can I ask ispConfig to recreate the entire certificate creation process for the main domain and the domain aliases?

    I put here some info about "Let's Encrypt - Log (Server: srv-b.democrasite.com)".

    Thanks a lot.

    2023-06-01 15:23:16,631:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
    2023-06-01 15:23:17,007:DEBUG:certbot._internal.main:certbot version: 2.6.0
    2023-06-01 15:23:17,007:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3024/bin/certbot
    2023-06-01 15:23:17,007:DEBUG:certbot._internal.main:Arguments: ['--domains', 'democrasite.com', '--domains', 'www.democrasite.com', '--domains', 'opaz-ateliers.com', '--domains', 'www.opaz-ateliers.com', '--domains', 'vmxparis.com', '--domains', 'www.vmxparis.com', '--domains', 'alainroussel.com', '--domains', 'www.alainroussel.com', '--domains', 'alleray.fr', '--domains', 'www.alleray.fr', '--domains', 'auberjazzday.fr', '--domains', 'www.auberjazzday.fr', '--domains', 'cobaltateliers.com', '--domains', 'www.cobaltateliers.com', '--domains', 'prstrange.com', '--domains', 'www.prstrange.com', '--domains', 'ianpatrickimages.com', '--domains', 'www.ianpatrickimages.com', '--preconfigured-renewal']
    2023-06-01 15:23:17,007:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2023-06-01 15:23:17,055:DEBUG:certbot._internal.log:Root logging level set at 30
    2023-06-01 15:23:17,661:DEBUG:certbot._internal.display.obj:Notifying user: Found the following matching certs:
      Certificate Name: democrasite.com
        Serial Number: 3dd971142d24869c88536d1eaa1232fe589
        Key Type: RSA
        Domains: democrasite.com alainroussel.com alleray.fr auberjazzday.fr cobaltateliers.com ianpatrickimages.com opaz-ateliers.com prstrange.com vmxparis.com www.alainroussel.com www.alleray.fr www.auberjazzday.fr www.cobaltateliers.com www.democrasite.com www.ianpatrickimages.com www.opaz-ateliers.com www.prstrange.com www.vmxparis.com
        Expiry Date: 2023-06-01 02:08:46+00:00 (INVALID: EXPIRED)
        Certificate Path: /etc/letsencrypt/live/democrasite.com/fullchain.pem
        Private Key Path: /etc/letsencrypt/live/democrasite.com/privkey.pem
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    The democrasite.com domain has a bunch of extra domain names included in the certificate. My guess is one of those extra domain names fails to resolve to your server and certificate can not be issued.
    Th0m and ahrasis like this.
  3. kameleon1er

    kameleon1er Member

    :: SOLVED ! ::
    Damn it! @Taleman, you've got laser eyes oO! One of the domains aliases no longer exists (not renewed by the customer). I deleted it and everything's back to normal.

    Thanks a lot.

    See you soon :)
    Taleman likes this.

Share This Page