Let's Encrypt SSL box won't stay checked

Discussion in 'ISPConfig 3 Priority Support' started by Wilt, Nov 22, 2016.

  1. Wilt

    Wilt Member HowtoForge Supporter

    Thanks EasiStudio.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

  3. Wilt

    Wilt Member HowtoForge Supporter

    I still have this problem with Let's Encrypt. I have spent the last week making sure all DNS settings are correct for all sites set up in ISPConfig and they now report with no errors when checked from mxtoolbox.com and similar. When I try and enable Let's Encrypt on any of the sites, an error is returned in the system log:
    e.g. Let's Encrypt SSL Cert for: turuncwalks.com could not be issued.
    There are no further details provided. How can I find out what error message is being returned from Let's Encrypt? Is there anything else that could be causing Let's Encrypt to fail (e.g. ISPC settings)?
    Thanks.
    Cliff
     
    Last edited: Nov 29, 2016
  4. Wilt

    Wilt Member HowtoForge Supporter

    Hi Till,
    I haven't ruled out using the paid support but I want to understand what the problem is first.
    Thanks,
    Cliff
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Check the letsencrypt log file (see also Letsencrypt FAQ post).

    Reasons for non-working LE are:

    - LE is not installed properly.
    - LE has been issued manually on the shell for a domain that you use in ispconfig.
    - A domain or subdomain of that website does not point to this server in DNS or is redirected in a way that LE cannot find its verification token anymore.

    The purpose of the remote support is to find out what the problem is on your server in case that you can't find it yourself.
     
  6. Wilt

    Wilt Member HowtoForge Supporter

    Hi Till, thanks for your helpful reply. There is nothing in the Let's Encrypt logs associated with this problem. Is there any way of testing that LE is installed properly? Or is there a way of viewing the response from LE that is causing the failure?
    Thanks.
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Letsencrypt should log all problems when a certificate can not be authenticated. You can try to empty the /etc/letsencrypt folder to remove all config and certs that might cause it to fail. Make a backup of the data before you remove it.
     
  8. Wilt

    Wilt Member HowtoForge Supporter

    Thanks Till. I have confirmed that nothing is being written to the Letsencrypt log files when I try and create a certificate. Does this mean LE is not installed properly? The only thing in the /etc/letsencrypt folder was a file called options-ssl-apache.conf. I renamed this but I still get the same problem. Cliff
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

  10. Wilt

    Wilt Member HowtoForge Supporter

    Thanks Till. It looks like the LE call is being issued but rejected by LE - there is nothing in here that helps identify the problem:
    Code:
    30.11.2016-11:03 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    30.11.2016-11:03 - DEBUG - Found 1 changes, starting update process.
    30.11.2016-11:03 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    30.11.2016-11:03 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    30.11.2016-11:03 - DEBUG - Create Let's Encrypt SSL Cert for: turuncwalks.com
    30.11.2016-11:03 - DEBUG - Let's Encrypt SSL Cert domains: turuncwalks.com --domains www.turuncwalks.com
    30.11.2016-11:03 - WARNING - Let's Encrypt SSL Cert for: turuncwalks.com could not be issued.
    30.11.2016-11:03 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/turuncwalks.com.vhost
    30.11.2016-11:03 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.0/fpm/pool.d/web7.conf
    30.11.2016-11:03 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
    30.11.2016-11:03 - DEBUG - Restarting php-fpm: systemctl reload php7.0-fpm.service
    30.11.2016-11:03 - DEBUG - Apache status is: running
    30.11.2016-11:03 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    30.11.2016-11:04 - DEBUG - Restarting httpd: systemctl restart apache2.service
    30.11.2016-11:04 - DEBUG - Apache restart return value is: 0
    30.11.2016-11:04 - DEBUG - Apache online status after restart is: running
    30.11.2016-11:04 - DEBUG - Processed datalog_id 758
    30.11.2016-11:04 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.
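
Added example, not part of the original posts and not ISPConfig code: a pre-flight check for the third cause till lists above (a name that does not point to this server, or is redirected so the verification token cannot be found), run against the hostnames taken from the "Let's Encrypt SSL Cert domains:" line of the debug output. All function names are hypothetical, and it assumes you have placed a probe file with known content under the site's /.well-known/acme-challenge/ path.

```python
import re
import socket
import sys
import urllib.request

# Two lines copied from the debug output quoted in this thread.
SAMPLE_LOG = """\
30.11.2016-11:03 - DEBUG - Let's Encrypt SSL Cert domains: turuncwalks.com --domains www.turuncwalks.com
30.11.2016-11:03 - WARNING - Let's Encrypt SSL Cert for: turuncwalks.com could not be issued.
"""

def domains_from_log(text):
    """Hostnames ISPConfig passed to the LE client, in log order."""
    names = []
    for m in re.finditer(r"Let's Encrypt SSL Cert domains: (.+)", text):
        names += [p for p in m.group(1).split() if p != "--domains"]
    return names

def resolve(host):
    """Every A/AAAA address for host; a stale AAAA record counts too."""
    return {ai[4][0] for ai in socket.getaddrinfo(host, 80, proto=socket.IPPROTO_TCP)}

def fetch(url):
    """GET url, following redirects; return (final_url, body)."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        return resp.geturl(), resp.read().decode("utf-8", "replace")

def preflight(host, server_ips, probe_name, probe_body, resolve=resolve, fetch=fetch):
    """Return the reasons an HTTP challenge for host would fail (empty list = ok)."""
    try:
        addrs = resolve(host)
    except OSError as exc:
        return [f"{host}: DNS lookup failed ({exc})"]
    stray = sorted(addrs - set(server_ips))
    problems = [f"{host}: resolves to {stray}, not this server"] if stray else []
    url = f"http://{host}/.well-known/acme-challenge/{probe_name}"
    try:
        final_url, body = fetch(url)
    except OSError as exc:  # URLError and HTTPError are OSError subclasses
        return problems + [f"{host}: {url} not retrievable ({exc})"]
    if body.strip() != probe_body:
        problems.append(f"{host}: probe content mismatch (final URL {final_url})")
    return problems

if __name__ == "__main__":
    # usage: preflight.py PROBE_NAME PROBE_BODY SERVER_IP... < debug_output.txt
    name, body, ips = sys.argv[1], sys.argv[2], sys.argv[3:]
    for h in domains_from_log(sys.stdin.read()):
        print("\n".join(preflight(h, ips, name, body) or [f"{h}: ok"]))
```

Every name on the certificate request has to pass, the www alias included; a single failing name is enough for the whole request to be refused.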
    
     
  11. Wilt

    Wilt Member HowtoForge Supporter

    Thanks to everyone who contributed to this thread - it is much appreciated. I am pleased to report that my problem has been fixed by Florian at Schaal IT. It seems there was a misconfiguration in the LE installation. The service provided by Schaal IT was excellent - very fast and very effective. I don't normally like paying for services like this but for a few Euros Florian has saved me hours of wasted time.
     
    till likes this.