Local installation ispconfig on ubuntu 22.04

Discussion in 'Installation/Configuration' started by Walterpet, Nov 3, 2023.

  1. Walterpet

    Walterpet Member

    Dear Sirs,
    I'm trying to install ISPconfig on ubuntu 22.04 locally (Thom is setting up my new server).

    The directions I followed were:
    1) Installed Ubuntu Server 22.04;
    2) followed these directions: https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/

    ISPconfig works well and so does phpmyadmin but when I go to configure the first website it gives me an error. Apache works at the url /var/www/html/ but not the path indicated by ISPconfig.
    What am I doing wrong?

    With best regards,

    Walter
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You must access the website by its domain name. For a local install, you can do this e.g. by editing the hosts file on your desktop (works on Windows, Mac, and Linux) to point the domain name to the IP address of your internal server. See: https://www.faqforge.com/linux/serv...ess-a-namebased-website-without-a-dns-record/
    You must be aware that Let's Encrypt will not issue a certificate for your internal server, so you must either not use SSL or create a self-signed SSL cert and then accept the SSL error in your browser when you access the site.
     
  3. Walterpet

    Walterpet Member

    The local server has a fixed IP address and I configured it as a domain, in fact the ISPconfig panel can be reached from the domain
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Which is a requirement, no matter if it's a local or remote server.

    You can not configure an IP address as a domain. An IP address is an IP address, and a domain is a domain, that's two different things. You get /var/www/html folder, as that's the folder that Apache redirects requests when you set the domain up in the wrong way. Also never create a website for the hostname of the system. The install guide instructs you to use a subdomain like server1.example.com, so never use, e.g., example.com as hostname without using a subdomain part like server1 as you wont be able to add example.com as website otherwise.

    1) Create a website in ISPConfig for a domain name (not an IP!). The domain name does not has to exist on the internet, and it is even recommended to use a non existing tld. Let's say you use the domain 'mydomain.int', so you click on new website, and enter mydomain.int into the domain field and press save. Do not touch IPv4 address field, leave it at * for all websites on your server.
    2) Now you edit the hosts file on your desktop computer (not the server!) and add a line like:

    192.192.0.100 mydomain.int www.mydomain.int

    The IP address must match the internal IP of your server. Now you can enter mydomain.int into a web browser on your desktop and the website you created in ISPConfig gets displayed.
     
  5. Walterpet

    Walterpet Member

    Now everything works, both ISPConfig and the two websites I configured
    The ISPConfig management panel is with the secure connection while the two websites are not. SSL and Let's Encrypt SSL do not work and remain deactivated in site management.
    How can I activate them?
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    You can not use Let's Encrypt on an internal server as LE will only issue certs for real domain reachable from the internet on port 80, I explained that in post #2. Create a self-signed SSL cert on SSL tab of the website instead.
     
  7. Walterpet

    Walterpet Member

    The two domains are real and existent. They are parked on aruba.it. In the domain DNS I entered the IP of my router where I opened ports 80/443
    This is the address of the ISPConfig panel: https://server.pettinati.com:8080/

    At this link you can see a test of a site: https://srv.pettinati.com/

    srv.pettinati.com is configured on Aruba and points to the router's IP

    on the Ispconfig website I activated SSL and created the certificate in the SSL Tab but when the site opens it says it is not secure
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Regarding let's encrypt: https://forum.howtoforge.com/threads/lets-encrypt-error-faq.74179/ in case you like to know in detail what is needed for a let#s encrypt cert and how to find out why LE refuses to issue a cert when you think that the prerequisites are met. E.g. when your system is behind a router, you must disable the Let#s encrypt check as explained in the FAQ.

    That's fine and to be expected when using a self-signed cert. I explained that above already in post #2. So here again what I wrote above:

     
    Last edited: Nov 4, 2023
  9. Walterpet

    Walterpet Member

    Dear Till, I have carefully read your instructions and looked into the FAQs.
    My inexperience made me understand that a subdomain like srv.pettinati.com installed locally on ispconfig cannot activate Let's Encrypt SSL
    Allow me a question: why has the https://server.pettinati.com:8080/ subdomain of the ispconfig management panel been configured with SSL as a secure connection? yet it is always local with the usual router NAT settings.
    I don't want to have explained myself badly.
     
  10. Walterpet

    Walterpet Member

    now I created a new website with a domain and it immediately took Let's Encrypt SSL
    maybe Let's Encrypt SSLs are only assigned to domains and you don't have subdomains?
     
  11. remkoh

    remkoh Active Member

    LE can issue certificates for all real domains, including subdomains.
    As long as they exist in DNS, point to the correct IP and are reachable over port 80 so they can be validated that is.
     
  12. Walterpet

    Walterpet Member

    I solved the CE problem on the subdomain like this:
    1) I created the CE for free on ZEROSSL
    2) I installed them on the subdomain from the Ispconfig panel

    Now everything works perfectly.

    From this fact it emerges that ISPconfig is not able to issue a valid CE for local subdomains.

    Correct me on my mistake.
     
  13. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    ISPConfig works fine in creating LE certs for domain, sub domain or even sub sub domain or more, whether one is using acme.sh or certbot.
     
  14. Walterpet

    Walterpet Member

    How can I see if my ISPConfig is using acme.sh or certbot ?
     
  15. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

  16. Walterpet

    Walterpet Member

    I followed the instructions in the guide with the autoinstaller
    the server is setup with acme.sh
     
  17. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Then if you have no problem of getting LE certs for your domain and your server sub domain, you should not have problem with getting LE certs for your other sub domain unless you did not set your sub domain in its dns server properly, or it has not been properly propagated yet, or you have exceeded your LE trial limit for that domain. Do read your LE logs before assuming anything.
     

Share This Page