Main Server Certificate Not Renewed - Unexpectedly Expired!

Discussion in 'Installation/Configuration' started by snowweb, May 7, 2023.

  1. snowweb

    snowweb Member

    This morning we found that the servers certificate expired overnight. Until now it had been automatically renewed every three months without a problem. We set it up using
    Upon investigation, the renewing script at
    appears to have run properly, but the certificate files in
    /etc/letsencrypt/archive/hostname -f/
    are out dated.
    I'm not sure why they should suddenly stop being updated by LetsEncrypt, but any pointers on how to get fix this would be highly appreciated!
    Many thanks.
  2. snowweb

    snowweb Member


    Our company has two domain names and and the .info is used for the control panel on and the server fqdn is also The .net is used for the company website and email.
    Some weeks ago, we redirected to in case someone stumbled upon it (since we don't advertise the .info address). However, it seems that this has broken the certificate renewal.
    We're not sure how to recover from this! Please help!
    Last edited: May 7, 2023
  3. snowweb

    snowweb Member

    Looks like I've finally fixed this. I had another domain which as luck would have it, when we set up the certificate for it, we included the hostname of the server (the one with the failed certificate and which ISPconfig runs), we included that in the same certificate as the other domain, although we weren't actually using that aspect of that certificate as the server still had it's own, until it broke last night.
    What I just did to fix it was run the following commands:

    ln -sf /etc/letsencrypt/live/* /etc/letsencrypt/live/
    and then I restarted the services.
  4. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Well, I don't think that is the right way of doing it simply because at least is not as all can see with their naked eyes. Those who followed my old thread / tutorial in securing ISPConfig should already know by now that those methods are obsolete or at least deprecated. The best way is, first, undue all the steps thoroughly manually though I shared a script to undue them in the github as well, but I am not sure that it will work in all cases scenario. Second, force update ISPConfig opting to create SSL during that process, which should recreate all the necessary LE certs and links to all services for that server. Do check LE FAQ in case of failure to create LE Certs.

Share This Page