Let's encrypt not working after migration (acme.sh)

Discussion in 'Installation/Configuration' started by fx2300, Dec 14, 2023.

  1. fx2300

    fx2300 New Member

    Installation of ISPConfig 3.2.11p1 on target server (Debian 11)
    Successful creation and installation of ispserver cert with acme.sh during installation.

    After migration with the migration tool (source version 3.2.1 Debian 10): impossible to generate cert for any site, even a new one (not migrated).

    When trying to enable LE from the panel, the virtualhost section is not written at all in vhost apache file, nor is any cert issued in /root/.acme.

    According to acme's manual, creation and installation of certs works fine from command line (acme challenge successful):

    Code:
    acme.sh --issue -d domain.tld -d www.domain.tld -w /usr/local/ispconfig/interface/acme
    Code:
    acme.sh --install-cert -d domain.tld --ecc --cert-file /var/www/domain.tld/ssl/domain.tld-le.crt --key-file /var/www/domain.tld/ssl/domain.tld-le.key --fullchain-file /var/www/domain.tld/ssl/domain.tld-le.pem --reloadcmd "sudo systemctl reload apache2"
    (I edited the migrated vhost files accordingly so every site enables TLS transactions via https.)

    The creation and utilisation of self-signed certificates from the panel works fine.

    Did I miss something to configure for LE issuing with acme.sh to work properly from the panel?
     

  2. till

    till Super Moderator Staff Member ISPConfig Developer

  3. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    What was Let's Encrypt client on SOURCE system before migration?
    Successful migration of certificates with Migration Tool requires SOURCE and TARGET use same LE client.
    The report shows PHP version is wrong. See Read Before Posting "Panel not showing up" -part.
    To see why certificates are not created, see https://forum.howtoforge.com/threads/lets-encrypt-error-faq.74179/
     
  4. fx2300

    fx2300 New Member

    Thanks. Deactivating migration mode did the trick.
     
  5. fx2300

    fx2300 New Member

    Deactivating migration mode did the trick.
    So maybe a synopsis for migration from a source server using certbot as LE client to a target server using acme.sh should be
    "after completed migration deactivate the migration mode and resync"?
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Migration mode gets disabled automatically after migration unless http server failed at the end of the migration so that the tool was not able to reach the target system anymore to disable migration mode. A resync after migration is normally not needed, unless you have chosen to not migrate SSL certs and your target system does not use the same LE client.
     
  7. fx2300

    fx2300 New Member

    Btw, migration seemed to be successfully completed…
    By now everything seems to work properly, and LE client has been migrated from certbot to acme.sh.
    Thank you all for your amazing job on these tools.
     