Hi there, i have follow this guide to install Let's Encrypt,everything works fine,except when i try add Let's Encrypt for panel Code: root@server:~# ./letsencrypt-auto -bash: ./letsencrypt-auto: No such file or directory root@server:~# /certbot-auto certonly --webroot -w /var/www -d server.mysite.com -bash: /certbot-auto: No such file or directory root@server:~# certbot certonly --webroot -w /usr/local/ispconfig/interface/web -d server.mysite.com certbot: command not found root@server:~# letsencrypt certonly --webroot -w /var/www -d server.mysite.com letsencrypt: command not found root@server:~# ./letsencrypt-auto --help -bash: ./letsencrypt-auto: No such file or directory both of letsencrypt or certbot not works in command line,so i have to install Let's Encrypt again or?thanks!
Hello florian, But if letsencrypt is installed,why those command lines not work,how to fix it? many thanks! Code: certbot certonly --webroot -w /usr/local/ispconfig/interface/web -d server.mysite.com letsencrypt certonly --webroot -w /var/www -d server.mysite.com
You could try navigating to the /opt/certbot directory and use ./certbot-auto to run the code - I am using Debian Jessie and this what I needed to do to get it working.
@florian030 thanks for your information. @kerrsmith,thanks,navigating to the /opt/certbot directory and use ./certbot-auto is correct,i can run the code,but there something wrong Code: Failed authorization procedure. server.xxxxx.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://server.xxxxx.com/.well-known/acme-challenge/nhWUB3y_hLNQSVlQnqAZKDwIcjoTzuGMvLEStoPtrR4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p" IMPORTANT NOTES: - The following errors were reported by the server: Domain: server.xxxxx.com Type: unauthorized Detail: Invalid response from http://server.xxxxx.com/.well-known/acme-challenge/nhWUB3y_hLNQSVlQnqAZKDwIcjoTzuGMvLEStoPtrR4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p" To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. do you know how to fix it? my all website Letsencrypt works when admin panel Letsencrypt checkbox chcked,now i want my admin panel(server.xxxxx.com) can work with Letsencrypt too. i'm using ubuntu 14.04,apache 2
If you have a site already set up with a Letsencrypt certificate (mydomain.com) and want to use this to log in to the control panel (mydomain.com:8080) then please see the following post: https://www.howtoforge.com/communit...-control-panel-certificate.74113/#post-348752 This basically uses the same certificate created for the domain 'mydomain.com' for the ISPConfig control panel at 'mydomain.com:8080' - you just have to link to the already created certificate.
@kerrsmith Thanks for info. but i have a problem when i restart apache2,there are something wrong,and now i can't link all websites and ispconfig admin,is there somthing wrong? Code: root@server:/usr/local/ispconfig/interface/ssl# ln -s /var/www/clients/client0/web1/ssl/server.MYSITE.com.nl.bundle ispserver.bundle root@server:/usr/local/ispconfig/interface/ssl# ls -lha total 32K drwxr-x--- 2 root root 4.0K Dec 7 07:08 . drwxr-x--- 9 ispconfig ispconfig 4.0K Oct 6 02:15 .. -rwxr-x--- 1 root root 45 Nov 27 13:44 empty.dir lrwxrwxrwx 1 root root 61 Dec 7 07:08 ispserver.bundle -> /var/www/clients/client0/web1/ssl/server.MYSITE.com.nl.bundle lrwxrwxrwx 1 root root 58 Dec 7 06:52 ispserver.crt -> /var/www/clients/client0/web1/ssl/server.MYSITE.com.nl.crt -rwxr-x--- 1 root root 2.1K Jun 9 06:50 ispserver.crt.backup -rwxr-x--- 1 root root 1.8K Jun 9 06:50 ispserver.csr lrwxrwxrwx 1 root root 58 Dec 7 06:52 ispserver.key -> /var/www/clients/client0/web1/ssl/server.MYSITE.com.nl.key -rwxr-x--- 1 root root 3.2K Jun 9 06:50 ispserver.key.backup -rwxr-x--- 1 root root 3.3K Jun 9 06:47 ispserver.key.secure root@server:/usr/local/ispconfig/interface/ssl# service apache2 restart * Restarting web server apache2 [fail] * The apache2 configtest failed. Output of config test was: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:69 AH00526: Syntax error on line 63 of /etc/apache2/sites-enabled/000-ispconfig.vhost: SSLCertificateFile: file '/usr/local/ispconfig/interface/ssl/ispserver.crt' does not exist or is empty Action 'configtest' failed. The Apache error log may have more information. root@server:/usr/local/ispconfig/interface/ssl#
It looks like problem is with the following line: SSLCertificateFile: file '/usr/local/ispconfig/interface/ssl/ispserver.crt' does not exist or is empty You will need to check that the path for the link is correct and that this file exists and is not empty.
@kerrsmith after follow your step Code: # ln -s /var/www/clients/client1/web9/ssl/yourpaneldomain.nl.crt ispserver.crt # ln -s /var/www/clients/client1/web9/ssl/yourpaneldomain.nl.key ispserver.key # ln -s /var/www/clients/client1/web9/ssl/yourpaneldomain.nl.bundle ispserver.bundle Then in the file /etc/apache2/sites-available/ispconfig.vhost I had to uncomment the following line: SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle and check the file in '/usr/local/ispconfig/interface/ssl/' folder, image: http://imgur.com/77H88Mw the ispserver.crt is exists,but restart apache still not success,the same error message, how can i fix it?maybe it's a why the crt file is empty many thanks for your help!
Have you checked to make sure the relevant files exist in the /var/www/clients/client1/web9/ssl/ directory? I would have a look here first to make sure the files exist and then check to make sure that they themselves link to the letsencrypt files. For example on my server: /var/www/mydomain.com/ssl contains the following files which in turn link again to the letsencrypt ones: mydomain.com.key -> /etc/letsencrypt/live/mydomain.com/privkey.pem mydomain.com.crt -> /etc/letsencrypt/live/mydomain.com/cert.pem mydomain.com.bundle -> /etc/letsencrypt/live/mydomain.com/chain.pem
Hi kerrsmith, Have you checked to make sure the relevant files exist in the /var/www/clients/client1/web9/ssl/ directory? Yes,i'm sure my server domain name same with one of my website, example: AAA.com and my server login url is server.AAA.com , and my website AAA.com not in /var/www/clients/client1/web9/ssl/ ,it's in /var/www/clients/client0/web1/ directory,so i change it ,and forgot edit my post before, Code: ln -s /var/www/clients/client0/web1/ssl/www.aaa.com.nl.crt ispserver.crt ln -s /var/www/clients/client0/web1/ssl/www.aaa.com.nl.key ispserver.key ln -s /var/www/clients/client0/web1/ssl/wwww.aaa.com.nl.bundle ispserver.bundle in /var/www/clients/client0/web1/ssl/,i have these files: aaa.com-le.bundle aaa.com-le.crt aaa.com-le.key www.aaa.bundle www.aaa.bundle.err www.aaa.com.crt www.aaa.com.crt.err www.aaa.com.key www.aaa.com.key.err www.aaa.com.key~
Okay,i found what's wrong,i forgot change the file name,it's different, after i change the file name to correct,no error message show again,but ssl not work, firefox show the warning message: The certificate is only valid for www.aaa.com Chrome Firefox and IE and Safari all the same,SSL not work Code: ln -s /var/www/clients/client0/web1/ssl/www.aaa.com.crt ispserver.crt ln -s /var/www/clients/client0/web1/ssl/www.aaa.com.key ispserver.key ln -s /var/www/clients/client0/web1/ssl/www.aaa.com.bundle ispserver.bundle
working now! i change it to Code: ln -s /var/www/clients/client0/web1/ssl/aaa.com-le.crt ispserver.crt ln -s /var/www/clients/client0/web1/ssl/aaa.com-le.key ispserver.key ln -s /var/www/clients/client0/web1/ssl/aaa.com-le.bundle ispserver.bundle https://aaa.com:8080 ssl works,but https://server.aaa.com not work,i don't know why,but it's ok! Many thanks kerrsmith,you are my god!
That's great - I am very pleased you got it working! For the server.aaa.com you would need to check this subdomain was included in the certificate (I think). I have not done anything like this so am not quite sure.
