LetsEncrypt Live No such file or directory

I'm installing ISPConfig (NginX only) on Debian 10. Although I'm very new to this I got it running but I can't seem to be able to get passed this:

Code:

root@host:/usr/local/ispconfig/interface/ssl# ls -l /etc/letsencrypt/live/
ls: cannot access '/etc/letsencrypt/live/': No such file or directory
root@host:/usr/local/ispconfig/interface/ssl# 

...and the list of the ssl folder after I tried getting new crt and key.

Code:

root@host:/usr/local/ispconfig/interface/ssl# ls
empty.dir      ispserver.crt-220108200301.bak  ispserver.crt-220108220356.bak  ispserver.key-220108200402.bak  ispserver.key-220108220358.bak  ispserver.pem              ispserver.pem-220108220401.bak
ispserver.crt  ispserver.crt-220108220211.bak  ispserver.key              ispserver.key-220108220216.bak  ispserver.key.secure          ispserver.pem-220108220219.bak

So if I run:

Code:

root@host:/usr/local/ispconfig/interface/ssl# ls -l /etc/letsencrypt/live/
ls: cannot access '/etc/letsencrypt/live/': No such file or directory
root@host:/usr/local/ispconfig/interface/ssl# 

I would expect my domain to be there? mydomain.com
I tried to give SSL to my hostname through ISPConfig, the SSL check stays on, Let'sEncrypt just turns off after saving.
As I understand I need to be able to do this before I can link it to ispserver.

Code:

ln -s /etc/letsencrypt/live/mydomain.com/privkey.pem ispserver.key

A noob-proof answer would be highly appreciated. Thanks in advance!

 

And may I know why are you doing this manually since ISPConfig installer since 3.2 can already create LE SSL certs for the server and its main apps / softwares (mail, ftp etc) and renew them automatically upon ISPConfig install or update?

 

Thank you for your reply. I was following along a manual install tutorial that includes lots of additional hardening (youtube/channel/UCec7O3cwcegBK7_KRxpHf0Q/videos) both for (my personal)educational purpose and because I couldn't get the installer working somehow.. I was confused if Roundcube would be included and properly set to the correct port on a server with NginX only.

 

If you did not get the ISPConfig installer working, then you need to raise the issue providing what you have done leading to that issue.

 

Thanks, I will try to do that. Will there be any way I can proceed at the point I got stuck? Everything seems working fine, other than that. Thanks in advance.

 

Simply update ISPConfig and choose to create LE SSL during that process and tell us how it goes.

 

Thanks, I did an update and reinstalled SSL certificates. Because I also asked this question in the ISPConfig forum (I thought my first post in the Linux forums was misplaced) Th0m suggested it would be the use of the acme.sh

I think you are correct. Although I also have certbot installed with with snap.
This is in /.acme.sh

Code:

root@host:~/.acme.sh# ls
account.conf  acme.sh  acme.sh.env  ca    deploy    dnsapi    host.<mydomain>.com  http.header    notify

And the files in my host.<mydomain>.com folder:

Code:

root@host:~/.acme.sh# cd host.<mydomain>.com
root@host:~/.acme.sh/host.<mydomain>.com# ls
host.<mydomain>.com.conf    host.<mydomain>.com.csr  host.<mydomain>.com.csr.conf  host.<mydomain>.com.key
root@host:~/.acme.sh/host.<mydomain>.com#

Any thoughts on how to solve this?

I think I should be using .acme.sh instead of certbot if I understood correctly.
If I check the SSL certificate in the browser of my ISPConfig install it says:

host.<mydomain>.com
Root certificate authority
This root certificate is not trusted​