Hi there everyone! I followed the entire howto on securing my 8080 connection: https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ I did this about a month ago and the issue just began to occur. There's always a chance that I did something incorrectly while following the tutorial but I tried to follow it very closely and through it's entirety. I was wondering how I might resolve this issue and get my port 8080 to show as a valid secure connection. Any help would be greatly appreciated. Thanks for your time!
Check the certificate it sends to you, is ist the cert for your configured hostname at all? If it is, did you do an upgrade and maybe regenerated a certificate with it? what's inside your 000-ispconfig.vhost ? default. check yours and check the files they lead to. Maybe some weird issue with a reissued cert living in the "wrong" folder now.
Run "ls -lat /etc/letsencrypt/$(hostname -f)/archive" or open the created website for your server (hostname -f) and see whether the certs are already expired (from the files' date or the browser) respctively. There have been some fixes which I updated into the LE4ISPC script as well as in its original thread in here which may not be in the tutorial so you should check that too.
# SSL Configuration SSLEngine On SSLProtocol All -SSLv3 SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle An here's what's in /usr/local/ispconfig/interface/ssl: root@server:/etc/apache2/sites-enabled# cd /usr/local/ispconfig/interface/ssl root@server:/usr/local/ispconfig/interface/ssl# ls -la total 32 drwxr-s--- 2 root root 4096 Jun 21 23:56 . drwxr-s--- 9 ispconfig ispconfig 4096 Jun 21 23:14 .. -rwxr-x--- 1 root root 45 Jun 21 23:14 empty.dir lrwxrwxrwx 1 root root 59 Jun 21 23:56 ispserver.crt -> /etc/letsencrypt/live/server.schwimserver.com/fullchain.pem -rw-r--r-- 1 root root 1452 Jun 21 23:14 ispserver.crt-180621235530.bak lrwxrwxrwx 1 root root 57 Jun 21 23:56 ispserver.key -> /etc/letsencrypt/live/server.schwimserver.com/privkey.pem -rwxr-x--- 1 root root 1704 Jun 21 23:14 ispserver.key-180621235557.bak -rwxr-x--- 1 root root 3311 Jun 21 23:14 ispserver.key.secure -rw------- 1 root root 7439 Jun 21 23:56 ispserver.pem root@server:/usr/local/ispconfig/interface/ssl# Does this look correct?
you have uncommented SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle in your vhost, but I can't see the corresponding file
