Hi, I have 2 debian 9 servers, both running Ispconfig 3.2.2 One was built about 1 year ago, and uses Letsencrypt The other has just been built and uses acme.sh I have used migration-tool-2_2_2p3 to migrate Ispconfig to this new server. After a successful migration, I have manually removed the letsencrypt symlinks from /var/www/domain/ssl And now I have tried disabling and re-enabling 'Letsencrypt' in Ispconfig hoping to recreate the cert with acme.sh, but it is not created. Could I rerun the Ispconfig 3.2.2 update hoping that it will notice Letsencrypt is not installed? Would it the install acme.sh? Thank you
As far as I know that is detected at runtime, so it wouldn't change anything. But feel free to run the update and reconfigure services again if you wish, it won't hurt anything unless you've made custom config changes and didn't put them in a conf-custom file.
Thank you for your quick reply. Unfortuneatly the update has not worked, any other suggestions for a fix?
You don't have certbot installed at all? What you did sounds like the correct thing to try, but I've not actually done that myself. Probably enable server debugging, check "Lets Encrypt" for a domain and run server.sh manually to see what happens when it tries to setup the certificate.
The best is to check the letsencrypt FAQ one by one because your problem is not clear until you do so. If you check the latest update on Debian 10 PST, there is a short way to install acme.sh prescribed, though I would prefer an admin email is added, but that said, ISPConfig 3.2 already comes with acme.sh script (under ISPConfig script folder) and will automatically be used if no other letsencrypt official client exist In my mind, theoratically, uninstalling all Letsencrypt official clients (letsencrypt, certbot and certbot-auto) then backing up and deleting /etc/letsencrypt must be done before installing acme.sh and runing ISPConfig update while opting to configure services and ssl creation for the server. Personally, I still prefer certbot as it is the official letsencrypt client but at the same time I am also planning to migrate to acme.sh just in case certbot is ditched by ISPConfig.
Many thanks to everyone who replied. ahrasis, you were correct... I had failed to remove the letsencrypt certificates from the old server, I tried adding one on a domain that previously did not have a certificate and it was successful.
