Problem with Let's Encrypt Cert

Discussion in 'Installation/Configuration' started by DavideR, Jul 18, 2023.

  1. DavideR

    DavideR Member HowtoForge Supporter

    Hi all,
    I've a question about setup SSL Let's Encrypt.
    I've two public server, One with Apache in production from a years without problem, but on last 2 sites setup's I've problems with activate Let's Encrypt certs
    that won't setup correctly.
    I've setup new one on Debian 11 with nginx, the Let's Encrypt certs for the host was loaded correctly, but on first Site added I've same issues, no Let's loaded and site not working.

    The error.log is empty and I've not find letsencrypt log
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

  3. DavideR

    DavideR Member HowtoForge Supporter

    HI,
    when run server.sh i get this error:

    PHP Warning: PHP Startup: Unable to load dynamic library 'memcache.so' (tried: /usr/lib/php/20180731/memcache.so (/usr/lib/php/20180731/memcache.so: cannot open shared object file: No such file or directory), /usr/lib/php/20180731/memcache.so.so (/usr/lib/php/20180731/memcache.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0

    finished server.php.

    PHP Warning: PHP Startup: Unable to load dynamic library 'memcache.so' (tried: /usr/lib/php/20180731/memcache.so (/usr/lib/php/20180731/memcache.so: cannot open shared object file: No such file or directory), /usr/lib/php/20180731/memcache.so.so (/usr/lib/php/20180731/memcache.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0




    in acme.log this is error

    [Wed 19 Jul 2023 12:38:01 AM CEST] Running cmd: cron

    [Wed 19 Jul 2023 12:38:01 AM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 12:38:01 AM CEST] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] ===Starting cron===

    [Wed 19 Jul 2023 12:38:01 AM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 12:38:01 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] GET

    [Wed 19 Jul 2023 12:38:01 AM CEST] url='https://api.github.com/repos/acmesh-official/acme.sh/git/refs/heads/master'

    [Wed 19 Jul 2023 12:38:01 AM CEST] timeout=

    [Wed 19 Jul 2023 12:38:01 AM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 12:38:01 AM CEST] ret='0'

    [Wed 19 Jul 2023 12:38:01 AM CEST] Already uptodate!

    [Wed 19 Jul 2023 12:38:01 AM CEST] Upgrade success!

    [Wed 19 Jul 2023 12:38:01 AM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 12:38:01 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] Auto upgraded to: 3.0.6

    [Wed 19 Jul 2023 12:38:01 AM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 12:38:01 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] _stopRenewOnError

    [Wed 19 Jul 2023 12:38:01 AM CEST] _server

    [Wed 19 Jul 2023 12:38:01 AM CEST] _set_level='2'

    [Wed 19 Jul 2023 12:38:01 AM CEST] di='/root/.acme.sh/mywebsite.com/'

    [Wed 19 Jul 2023 12:38:01 AM CEST] d='mywebsite.com'

    [Wed 19 Jul 2023 12:38:01 AM CEST] _renewServer

    [Wed 19 Jul 2023 12:38:01 AM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 12:38:01 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] DOMAIN_PATH='/root/.acme.sh/mywebsite.com'

    [Wed 19 Jul 2023 12:38:01 AM CEST] Renew: 'mywebsite.com'

    [Wed 19 Jul 2023 12:38:01 AM CEST] Le_API='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] Renew to Le_API=https://acme-v02.api.letsencrypt.org/directory

    [Wed 19 Jul 2023 12:38:01 AM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 12:38:01 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 12:38:01 AM CEST] Skip, Next renewal time is: 2023-09-14T10:01:48Z

    [Wed 19 Jul 2023 12:38:01 AM CEST] Add '--force' to force to renew.

    [Wed 19 Jul 2023 12:38:01 AM CEST] Return code: 2

    [Wed 19 Jul 2023 12:38:01 AM CEST] Skipped mywebsite.com

    [Wed 19 Jul 2023 12:38:01 AM CEST] _error_level='3'

    [Wed 19 Jul 2023 12:38:01 AM CEST] _set_level='2'

    [Wed 19 Jul 2023 12:38:01 AM CEST] ===End cron===



    There's the log when I've retry to force let's on domain

    [Wed Jul 19 19:06:22 CEST 2023] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'

    [Wed Jul 19 19:06:22 CEST 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Running cmd: issue

    [Wed 19 Jul 2023 07:10:02 PM CEST] _main_domain='potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] _alt_domains='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 07:10:02 PM CEST] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 07:10:02 PM CEST] DOMAIN_PATH='/root/.acme.sh/potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory

    [Wed 19 Jul 2023 07:10:02 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory

    [Wed 19 Jul 2023 07:10:02 PM CEST] GET

    [Wed 19 Jul 2023 07:10:02 PM CEST] url='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 07:10:02 PM CEST] timeout=

    [Wed 19 Jul 2023 07:10:02 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:02 PM CEST] ret='0'

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_NEW_AUTHZ

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Using CA: https://acme-v02.api.letsencrypt.org/directory

    [Wed 19 Jul 2023 07:10:02 PM CEST] _on_before_issue

    [Wed 19 Jul 2023 07:10:02 PM CEST] _chk_main_domain='potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] _chk_alt_domains='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Le_LocalAddress

    [Wed 19 Jul 2023 07:10:02 PM CEST] d='potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Check for domain='potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] _currentRoot='/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:02 PM CEST] d='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Check for domain='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:02 PM CEST] _currentRoot='/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:02 PM CEST] d

    [Wed 19 Jul 2023 07:10:02 PM CEST] _saved_account_key_hash is not changed, skip register account.

    [Wed 19 Jul 2023 07:10:02 PM CEST] Read key length:2048

    [Wed 19 Jul 2023 07:10:02 PM CEST] Creating domain key

    [Wed 19 Jul 2023 07:10:02 PM CEST] Using config home:/root/.acme.sh

    [Wed 19 Jul 2023 07:10:02 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'

    [Wed 19 Jul 2023 07:10:02 PM CEST] Use length 4096

    [Wed 19 Jul 2023 07:10:02 PM CEST] Using RSA: 4096

    [Wed 19 Jul 2023 07:10:03 PM CEST] The domain key is here: /root/.acme.sh/potavintage.com/potavintage.com.key

    [Wed 19 Jul 2023 07:10:03 PM CEST] Generate next pre-generate key.

    [Wed 19 Jul 2023 07:10:03 PM CEST] Use length 4096

    [Wed 19 Jul 2023 07:10:03 PM CEST] Using RSA: 4096

    [Wed 19 Jul 2023 07:10:04 PM CEST] _createcsr

    [Wed 19 Jul 2023 07:10:04 PM CEST] Multi domain='DNS:potavintage.com,DNS:www.potavintage.com'

    [Wed 19 Jul 2023 07:10:04 PM CEST] Getting domain auth token for each domain

    [Wed 19 Jul 2023 07:10:04 PM CEST] d='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:04 PM CEST] d

    [Wed 19 Jul 2023 07:10:04 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-order'

    [Wed 19 Jul 2023 07:10:04 PM CEST] payload='{"identifiers": [{"type":"dns","value":"potavintage.com"},{"type":"dns","value":"www.potavintage.com"}]}'

    [Wed 19 Jul 2023 07:10:04 PM CEST] EC key

    [Wed 19 Jul 2023 07:10:04 PM CEST] HEAD

    [Wed 19 Jul 2023 07:10:04 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'

    [Wed 19 Jul 2023 07:10:04 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g -I '

    [Wed 19 Jul 2023 07:10:04 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:04 PM CEST] POST

    [Wed 19 Jul 2023 07:10:04 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'

    [Wed 19 Jul 2023 07:10:04 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:05 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:05 PM CEST] code='201'

    [Wed 19 Jul 2023 07:10:05 PM CEST] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/1210767267/195971027347'

    [Wed 19 Jul 2023 07:10:05 PM CEST] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1210767267/195971027347'

    [Wed 19 Jul 2023 07:10:05 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/247069388227'

    [Wed 19 Jul 2023 07:10:05 PM CEST] payload

    [Wed 19 Jul 2023 07:10:05 PM CEST] POST

    [Wed 19 Jul 2023 07:10:05 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/247069388227'

    [Wed 19 Jul 2023 07:10:05 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:06 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:06 PM CEST] code='200'

    [Wed 19 Jul 2023 07:10:06 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/247069388237'

    [Wed 19 Jul 2023 07:10:06 PM CEST] payload

    [Wed 19 Jul 2023 07:10:06 PM CEST] POST

    [Wed 19 Jul 2023 07:10:06 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/247069388237'

    [Wed 19 Jul 2023 07:10:06 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:06 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:06 PM CEST] code='200'

    [Wed 19 Jul 2023 07:10:06 PM CEST] d='potavintage.com'

    [Wed 19 Jul 2023 07:10:06 PM CEST] Getting webroot for domain='potavintage.com'

    [Wed 19 Jul 2023 07:10:06 PM CEST] _w='/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:06 PM CEST] _currentRoot='/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:06 PM CEST] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A","token":"dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I"'

    [Wed 19 Jul 2023 07:10:06 PM CEST] token='dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I'

    [Wed 19 Jul 2023 07:10:06 PM CEST] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:06 PM CEST] keyauthorization='dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I.8r5S8-YSgz0glwJjL71jn-Ddw5ja7s1hgCIjIHCEwfU'

    [Wed 19 Jul 2023 07:10:06 PM CEST] dvlist='potavintage.com#dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I.8r5S8-YSgz0glwJjL71jn-Ddw5ja7s1hgCIjIHCEwfU#https://acme-v02.api.letsencrypt.or...A#http-01#/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:06 PM CEST] d='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:06 PM CEST] Getting webroot for domain='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:06 PM CEST] _w='/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:06 PM CEST] _currentRoot='/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:06 PM CEST] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388237/bQjnaw","token":"oFiiwaQ5CFEwimLzHApl7bqshZxmqZ9rz4uxsWSKXYM"'

    [Wed 19 Jul 2023 07:10:06 PM CEST] token='oFiiwaQ5CFEwimLzHApl7bqshZxmqZ9rz4uxsWSKXYM'

    [Wed 19 Jul 2023 07:10:06 PM CEST] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388237/bQjnaw'

    [Wed 19 Jul 2023 07:10:06 PM CEST] keyauthorization='oFiiwaQ5CFEwimLzHApl7bqshZxmqZ9rz4uxsWSKXYM.8r5S8-YSgz0glwJjL71jn-Ddw5ja7s1hgCIjIHCEwfU'

    [Wed 19 Jul 2023 07:10:06 PM CEST] dvlist='www.potavintage.com#oFiiwaQ5CFEwimL...w#http-01#/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:06 PM CEST] d

    [Wed 19 Jul 2023 07:10:06 PM CEST] vlist='potavintage.com#dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I.8r5S8-YSgz0glwJjL71jn-Ddw5ja7s1hgCIjIHCEwfU#https://acme-v02.api.letsencrypt.or...w#http-01#/usr/local/ispconfig/interface/acme,'

    [Wed 19 Jul 2023 07:10:06 PM CEST] d='potavintage.com'

    [Wed 19 Jul 2023 07:10:06 PM CEST] d='www.potavintage.com'

    [Wed 19 Jul 2023 07:10:06 PM CEST] ok, let's start to verify

    [Wed 19 Jul 2023 07:10:06 PM CEST] Verifying: potavintage.com

    [Wed 19 Jul 2023 07:10:06 PM CEST] d='potavintage.com'

    [Wed 19 Jul 2023 07:10:06 PM CEST] keyauthorization='dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I.8r5S8-YSgz0glwJjL71jn-Ddw5ja7s1hgCIjIHCEwfU'

    [Wed 19 Jul 2023 07:10:06 PM CEST] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:06 PM CEST] _currentRoot='/usr/local/ispconfig/interface/acme'

    [Wed 19 Jul 2023 07:10:06 PM CEST] wellknown_path='/usr/local/ispconfig/interface/acme/.well-known/acme-challenge'

    [Wed 19 Jul 2023 07:10:06 PM CEST] writing token:dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I to /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I

    [Wed 19 Jul 2023 07:10:06 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:06 PM CEST] payload='{}'

    [Wed 19 Jul 2023 07:10:06 PM CEST] POST

    [Wed 19 Jul 2023 07:10:06 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:06 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:07 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:07 PM CEST] code='200'

    [Wed 19 Jul 2023 07:10:07 PM CEST] trigger validation code: 200

    [Wed 19 Jul 2023 07:10:07 PM CEST] Pending, The CA is processing your order, please just wait. (1/30)

    [Wed 19 Jul 2023 07:10:07 PM CEST] sleep 2 secs to verify again

    [Wed 19 Jul 2023 07:10:09 PM CEST] checking

    [Wed 19 Jul 2023 07:10:09 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:09 PM CEST] payload

    [Wed 19 Jul 2023 07:10:09 PM CEST] POST

    [Wed 19 Jul 2023 07:10:09 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:09 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:09 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:09 PM CEST] code='200'

    [Wed 19 Jul 2023 07:10:09 PM CEST] potavintage.com:Verify error:195.231.53.136: Invalid response from http://potavintage.com/.well-known/acme-challenge/dtwVHWAq2B1qA9YgetD64T2oOStojyuyBcSA-38HQ8I: 404

    [Wed 19 Jul 2023 07:10:09 PM CEST] pid

    [Wed 19 Jul 2023 07:10:09 PM CEST] No need to restore nginx, skip.

    [Wed 19 Jul 2023 07:10:09 PM CEST] _clearupdns

    [Wed 19 Jul 2023 07:10:09 PM CEST] dns_entries

    [Wed 19 Jul 2023 07:10:09 PM CEST] skip dns.

    [Wed 19 Jul 2023 07:10:09 PM CEST] _on_issue_err

    [Wed 19 Jul 2023 07:10:09 PM CEST] Please check log file for more details: /var/log/ispconfig/acme.log

    [Wed 19 Jul 2023 07:10:10 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:10 PM CEST] payload='{}'

    [Wed 19 Jul 2023 07:10:10 PM CEST] POST

    [Wed 19 Jul 2023 07:10:10 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388227/aYmq9A'

    [Wed 19 Jul 2023 07:10:10 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:10 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:10 PM CEST] code='400'

    [Wed 19 Jul 2023 07:10:10 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388237/bQjnaw'

    [Wed 19 Jul 2023 07:10:10 PM CEST] payload='{}'

    [Wed 19 Jul 2023 07:10:10 PM CEST] POST

    [Wed 19 Jul 2023 07:10:10 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/247069388237/bQjnaw'

    [Wed 19 Jul 2023 07:10:10 PM CEST] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '

    [Wed 19 Jul 2023 07:10:11 PM CEST] _ret='0'

    [Wed 19 Jul 2023 07:10:11 PM CEST] code='200'
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The first thing is to fix your PHP setup. You probably have an include file in your PHP config for memcache.so bute remove this extension. You must remove the include file which tries to load memcache.so as well.

    Regarding debugging, you missed enabling debug mode, just running server.sh is only one of the steps. See the debug guide that is mentioned at the end of the let's encrypt error FAQ, it describes it step by step.

    1) Enable debug log mode.
    2) comment out server.sh in root crontab.
    3) do what you want to debug, in your case, enable let's encrypt for a website.
    4) run server.sh and post the output.
     
  5. DavideR

    DavideR Member HowtoForge Supporter

    sorry i've lose step 1

    PHP Warning: PHP Startup: Unable to load dynamic library 'memcache.so' (tried: /usr/lib/php/20180731/memcache.so (/usr/lib/php/20180731/memcache.so: cannot open shared object file: No such file or directory), /usr/lib/php/20180731/memcache.so.so (/usr/lib/php/20180731/memcache.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0

    19.07.2023-20:34 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.

    19.07.2023-20:34 - DEBUG [server:177] - Found 1 changes, starting update process.

    19.07.2023-20:34 - DEBUG [plugins.inc:118] - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.

    19.07.2023-20:34 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: chattr -i '/var/www/clients/client1/web1' - return code: 0

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: chattr +i '/var/www/clients/client1/web1' - return code: 0

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: df -T '/var/www/clients/client1/web1'|awk 'END{print $2,$NF}' - return code: 0

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: setquota -u 'web1' '0' '0' 0 0 -a &> /dev/null - return code: 0

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: setquota -T -u 'web1' 604800 604800 -a &> /dev/null - return code: 0

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: chattr +i '/var/www/clients/client1/web1' - return code: 0

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apachectl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2245] - Could not check apache version, apachectl not found.

    19.07.2023-20:34 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: systemctl is-enabled 'nginx' 2>&1 - return code: 0

    19.07.2023-20:34 - DEBUG [letsencrypt.inc:436] - Create Let's Encrypt SSL Cert for: potavintage.com

    19.07.2023-20:34 - DEBUG [letsencrypt.inc:437] - Let's Encrypt SSL Cert domains:

    19.07.2023-20:34 - DEBUG [system.inc:1819] - exec: R=0 ; C=0 ; /root/.acme.sh/acme.sh --issue -d potavintage.com -d www.potavintage.com -w /usr/local/ispconfig/interface/acme --always-force-new-domain-key --keylength 4096; R=$? ; if [ $R -eq 0 -o $R -eq 2 ] ; then /root/.acme.sh/acme.sh --install-cert -d potavintage.com -d www.potavintage.com --key-file '/var/www/clients/client1/web1/ssl/potavintage.com-le.key' --fullchain-file '/var/www/clients/client1/web1/ssl/potavintage.com-le.bundle' --cert-file '/var/www/clients/client1/web1/ssl/potavintage.com-le.crt' --reloadcmd 'systemctl force-reload nginx.service' --log '/var/log/ispconfig/acme.log'; C=$? ; fi ; if [ $C -eq 0 ] ; then exit $R ; else exit $C ; fi

    [Wed 19 Jul 2023 08:34:42 PM CEST] potavintage.com:Verify error:195.231.53.136: Invalid response from http://potavintage.com/.well-known/acme-challenge/E-iknllMPnuLIhjIpjMlUxLKRTgDr5SFkBX2WJm9ktM: 404

    [Wed 19 Jul 2023 08:34:42 PM CEST] Please check log file for more details: /var/log/ispconfig/acme.log

    19.07.2023-20:34 - WARNING - Let's Encrypt SSL Cert for: potavintage.com could not be issued.

    19.07.2023-20:34 - WARNING - R=0 ; C=0 ; /root/.acme.sh/acme.sh --issue -d potavintage.com -d www.potavintage.com -w /usr/local/ispconfig/interface/acme --always-force-new-domain-key --keylength 4096; R=$? ; if [ $R -eq 0 -o $R -eq 2 ] ; then /root/.acme.sh/acme.sh --install-cert -d potavintage.com -d www.potavintage.com --key-file '/var/www/clients/client1/web1/ssl/potavintage.com-le.key' --fullchain-file '/var/www/clients/client1/web1/ssl/potavintage.com-le.bundle' --cert-file '/var/www/clients/client1/web1/ssl/potavintage.com-le.crt' --reloadcmd 'systemctl force-reload nginx.service' --log '/var/log/ispconfig/acme.log'; C=$? ; fi ; if [ $C -eq 0 ] ; then exit $R ; else exit $C ; fi

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apachectl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2245] - Could not check apache version, apachectl not found.

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apachectl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2245] - Could not check apache version, apachectl not found.

    PHP Warning: file_put_contents(/etc/apache2/sites-available/potavintage.com.vhost): failed to open stream: No such file or directory in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 865

    19.07.2023-20:34 - DEBUG [apache2 plugin.inc:1891] - Writing the vhost file: /etc/apache2/sites-available/potavintage.com.vhost

    PHP Warning: fopen(/etc/apache2/sites-available/potavintage.com.vhost): failed to open stream: No such file or directory in /usr/local/ispconfig/server/plugins-available/apache2_plugin.inc.php on line 2982

    PHP Warning: fgets() expects parameter 1 to be resource, bool given in /usr/local/ispconfig/server/plugins-available/apache2_plugin.inc.php on line 2989

    PHP Warning: fclose() expects parameter 1 to be resource, bool given in /usr/local/ispconfig/server/plugins-available/apache2_plugin.inc.php on line 3052

    PHP Warning: file_put_contents(/etc/apache2/sites-available/potavintage.com.vhost): failed to open stream: No such file or directory in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 865

    PHP Warning: symlink(): No such file or directory in /usr/local/ispconfig/server/plugins-available/apache2_plugin.inc.php on line 1925

    19.07.2023-20:34 - DEBUG [apache2 plugin.inc:1926] - Creating symlink: /etc/apache2/sites-enabled/100-potavintage.com.vhost->/etc/apache2/sites-available/potavintage.com.vhost

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: which 'apachectl' 2> /dev/null - return code: 1

    19.07.2023-20:34 - DEBUG [system.inc:2245] - Could not check apache version, apachectl not found.

    19.07.2023-20:34 - DEBUG [apache2 plugin.inc:3462] - Writing the PHP-FPM config file: /etc/php/8.2/fpm/pool.d/web1.conf

    19.07.2023-20:34 - DEBUG [services.inc:56] - Calling function 'restartPHP_FPM' from module 'web_module'.

    19.07.2023-20:34 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: systemctl is-enabled 'php8.2-fpm' 2>&1 - return code: 0

    19.07.2023-20:34 - DEBUG [web module.inc:316] - Restarting php-fpm: systemctl reload php8.2-fpm.service

    19.07.2023-20:34 - DEBUG [apache2 plugin.inc:2009] - Apache status is: running

    19.07.2023-20:34 - DEBUG [services.inc:56] - Calling function 'restartHttpd' from module 'web_module'.

    19.07.2023-20:34 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service

    19.07.2023-20:34 - DEBUG [system.inc:2429] - safe_exec cmd: systemctl is-enabled 'nginx' 2>&1 - return code: 0

    19.07.2023-20:34 - DEBUG [web module.inc:236] - Checking nginx configuration...

    19.07.2023-20:34 - DEBUG [web module.inc:239] - nginx configuration ok!

    19.07.2023-20:34 - DEBUG [web module.inc:246] - Restarting httpd: systemctl restart nginx.service

    19.07.2023-20:34 - DEBUG [apache2 plugin.inc:2012] - Apache restart return value is: 0

    19.07.2023-20:34 - DEBUG [apache2 plugin.inc:2023] - Apache online status after restart is: running

    19.07.2023-20:34 - DEBUG [plugins.inc:118] - Calling function 'ssl' from plugin 'nginx_plugin' raised by event 'web_domain_update'.

    19.07.2023-20:34 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'nginx_plugin' raised by event 'web_domain_update'.

    19.07.2023-20:34 - WARNING - The nginx plugin cannot be used together with the apache2 plugin.

    19.07.2023-20:34 - DEBUG [modules.inc:240] - Processed datalog_id 50

    19.07.2023-20:34 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock

    finished server.php.

    PHP Warning: PHP Startup: Unable to load dynamic library 'memcache.so' (tried: /usr/lib/php/20180731/memcache.so (/usr/lib/php/20180731/memcache.so: cannot open shared object file: No such file or directory), /usr/lib/php/20180731/memcache.so.so (/usr/lib/php/20180731/memcache.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    So you say it's an nginx server? But according to the debug output, this system uses apache2 plugin and not nginx plugin in ISPConfig. So there seems to be something completely wrong with the base install of this system as you seem to have enabled both Apache and Nginx plugin.

    Please run the test script and post the result: https://forum.howtoforge.com/threads/please-read-before-posting.58408/

    and also post the output of the command:

    ls -la /usr/local/ispconfig/server/plugins-enabled/
     
  7. DavideR

    DavideR Member HowtoForge Supporter

    Yes server is nginx and I'ven't setup apache by my self.
    the plugin command report:
    total 116

    drwxr-x--- 2 root root 4096 Jul 14 21:01 .

    drwxr-x--- 13 root root 4096 Jul 14 21:01 ..

    lrwxrwxrwx 1 root root 68 Jul 14 21:01 apache2_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/apache2_plugin.inc.php

    lrwxrwxrwx 1 root root 71 Aug 2 2019 apps_vhost_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/apps_vhost_plugin.inc.php

    lrwxrwxrwx 1 root root 64 Aug 2 2019 aps_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/aps_plugin.inc.php

    lrwxrwxrwx 1 root root 67 Aug 2 2019 backup_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/backup_plugin.inc.php

    lrwxrwxrwx 1 root root 65 Aug 2 2019 bind_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/bind_plugin.inc.php

    lrwxrwxrwx 1 root root 73 Aug 2 2019 cron_jailkit_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/cron_jailkit_plugin.inc.php

    lrwxrwxrwx 1 root root 65 Aug 2 2019 cron_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/cron_plugin.inc.php

    -rwxr-x--- 1 root root 45 Jul 17 12:02 empty.dir

    lrwxrwxrwx 1 root root 69 Aug 2 2019 firewall_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/firewall_plugin.inc.php

    lrwxrwxrwx 1 root root 73 Aug 2 2019 ftpuser_base_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/ftpuser_base_plugin.inc.php

    lrwxrwxrwx 1 root root 68 Aug 2 2019 getmail_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/getmail_plugin.inc.php

    lrwxrwxrwx 1 root root 72 Aug 2 2019 maildeliver_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/maildeliver_plugin.inc.php

    lrwxrwxrwx 1 root root 68 Aug 2 2019 mailman_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/mailman_plugin.inc.php

    lrwxrwxrwx 1 root root 70 Aug 2 2019 mail_plugin_dkim.inc.php -> /usr/local/ispconfig/server/plugins-available/mail_plugin_dkim.inc.php

    lrwxrwxrwx 1 root root 65 Aug 2 2019 mail_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/mail_plugin.inc.php

    lrwxrwxrwx 1 root root 75 Aug 2 2019 mysql_clientdb_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/mysql_clientdb_plugin.inc.php

    lrwxrwxrwx 1 root root 77 Aug 2 2019 network_settings_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/network_settings_plugin.inc.php

    lrwxrwxrwx 1 root root 66 Aug 2 2019 nginx_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/nginx_plugin.inc.php

    lrwxrwxrwx 1 root root 75 Aug 2 2019 postfix_filter_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/postfix_filter_plugin.inc.php

    lrwxrwxrwx 1 root root 75 Aug 2 2019 postfix_server_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/postfix_server_plugin.inc.php

    lrwxrwxrwx 1 root root 67 Sep 5 2019 rspamd_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/rspamd_plugin.inc.php

    lrwxrwxrwx 1 root root 76 Jul 14 21:01 server_services_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/server_services_plugin.inc.php

    lrwxrwxrwx 1 root root 75 Aug 2 2019 shelluser_base_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/shelluser_base_plugin.inc.php

    lrwxrwxrwx 1 root root 78 Aug 2 2019 shelluser_jailkit_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/shelluser_jailkit_plugin.inc.php

    lrwxrwxrwx 1 root root 76 Aug 2 2019 software_update_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/software_update_plugin.inc.php

    lrwxrwxrwx 1 root root 70 Aug 2 2019 webserver_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/webserver_plugin.inc.php

    lrwxrwxrwx 1 root root 84 Aug 2 2019 z_php_fpm_incron_reload_plugin.inc.php -> /usr/local/ispconfig/server/plugins-available/z_php_fpm_incron_reload_plugin.inc.php

    the test result is :



    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 11 (bullseye)
     
    [INFO] uptime:  21:34:43 up 2 days,  9:17,  1 user,  load average: 0.00, 0.00, 0.00
     
    [INFO] memory:
                   total        used        free      shared  buff/cache   available
    Mem:           7.8Gi       1.7Gi       5.0Gi        12Mi       1.1Gi       5.8Gi
    Swap:          9.3Gi          0B       9.3Gi
     
    [INFO] systemd failed services status:
      UNIT LOAD ACTIVE SUB DESCRIPTION
    0 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.10p1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.3.33-11+0~20230612.108+debian11~1.gbp1f186d
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.3.33
    
    ##### PORT CHECK #####
    
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
        Unknown process (nginx:) (PID 449182)
    [INFO] I found the following mail server(s):
        Postfix (PID 838)
    [INFO] I found the following pop3 server(s):
        Dovecot (PID 448)
    [INFO] I found the following imap server(s):
        Dovecot (PID 448)
    [INFO] I found the following ftp server(s):
        PureFTP (PID 749)
    
    ##### LISTENING PORTS #####
    (only        ()
    Local        (Address)
    [anywhere]:21        (749/pure-ftpd)
    ***.***.***.***:53        (453/named)
    ***.***.***.***:53        (453/named)
    ***.***.***.***:53        (453/named)
    ***.***.***.***:53        (453/named)
    [localhost]:53        (453/named)
    [localhost]:53        (453/named)
    [localhost]:53        (453/named)
    [localhost]:53        (453/named)
    [anywhere]:22        (493/sshd:)
    [anywhere]:25        (838/master)
    [localhost]:953        (453/named)
    [anywhere]:993        (448/dovecot)
    [anywhere]:995        (448/dovecot)
    [localhost]:10023        (539/postgrey)
    [localhost]:10024        (509/amavisd-new)
    [localhost]:10025        (838/master)
    [localhost]:10027        (838/master)
    [anywhere]:587        (838/master)
    [localhost]:11211        (452/memcached)
    [anywhere]:110        (448/dovecot)
    [anywhere]:143        (448/dovecot)
    [anywhere]:80        (449182/nginx:)
    [anywhere]:8080        (449182/nginx:)
    [anywhere]:8081        (449182/nginx:)
    [anywhere]:465        (838/master)
    *:*:*:*::*:21        (749/pure-ftpd)
    *:*:*:*::*:53        (453/named)
    *:*:*:*::*:53        (453/named)
    *:*:*:*::*:53        (453/named)
    *:*:*:*::*:53        (453/named)
    *:*:*:*::*68c2:66ff:fef3:53        (453/named)
    *:*:*:*::*68c2:66ff:fef3:53        (453/named)
    *:*:*:*::*68c2:66ff:fef3:53        (453/named)
    *:*:*:*::*68c2:66ff:fef3:53        (453/named)
    *:*:*:*::*:22        (493/sshd:)
    *:*:*:*::*:25        (838/master)
    *:*:*:*::*:953        (453/named)
    *:*:*:*::*:993        (448/dovecot)
    *:*:*:*::*:995        (448/dovecot)
    *:*:*:*::*:10023        (539/postgrey)
    *:*:*:*::*:10024        (509/amavisd-new)
    *:*:*:*::*:3306        (590/mariadbd)
    *:*:*:*::*:587        (838/master)
    [localhost]10        (448/dovecot)
    [localhost]43        (448/dovecot)
    *:*:*:*::*:80        (449182/nginx:)
    *:*:*:*::*:8080        (449182/nginx:)
    *:*:*:*::*:8081        (449182/nginx:)
    *:*:*:*::*:465        (838/master)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target     prot opt source               destination         
    ufw-before-logging-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-before-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-logging-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-reject-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-track-input  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination         
    ufw-before-logging-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-before-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-logging-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-reject-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-track-forward  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination         
    ufw-before-logging-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-before-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-logging-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-reject-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-track-output  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination         
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:137
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:138
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:139
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:445
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:67
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:68
    ufw-skip-to-policy-input  all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ufw-user-forward  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    DROP       all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
    ufw-not-local  all  --  [anywhere]/0            [anywhere]/0           
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***          udp dpt:5353
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:1900
    ufw-user-input  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-user-output  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination         
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination         
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
    DROP       all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination         
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination         
    DROP       all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination         
    DROP       all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination         
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination         
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination         
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:22
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:80
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:3306
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8080
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 40110:40210
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:20
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:10000
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:3306
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination         
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination         
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination         
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination         
    
    
    
    
    ##### LET'S ENCRYPT #####
    acme.sh is installed in /root/.acme.sh/acme.sh
    
    
    
    t
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Ok, you enabled both plugins, disable the apache plugin:

    rm -f /usr/local/ispconfig/server/plugins-enabled/apache2_plugin.inc.php
    Then run an ISPConfig update with:

    ispconfig_update.sh --force

    and let the updater reconfigure services. In case your system has apache and nginx installed, the updater will ask which one shall be configured. Take care to choose nginx in this case and not apache.

    Then take care that nginx is shown as web server type under system > server config. If that#s ok, delete the website you created and create it again.
     
  9. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    You got wrong php set for your server when it should be php 7.4 for Debian 11.
     
  10. DavideR

    DavideR Member HowtoForge Supporter

    this is the report of reconfigure

    Operating System: Debian 11.0 (Bullseye) or compatible


    This application will update ISPConfig 3 on your server.


    Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]:


    Creating backup of "/usr/local/ispconfig" directory...

    Creating backup of "/etc" directory...

    Creating backup of "/root/.acme.sh" directory...

    Checking MariaDB version 10.5.19 .. OK

    Checking ISPConfig database .. OK

    Starting incremental database update.

    Loading SQL patch file: /tmp/update_runner.sh.GEvH795EqK/install/sql/incremental/upd_dev_collection.sql

    Reconfigure Permissions in master database? (yes,no) [no]:


    Service 'mail_server' has been detected (currently disabled) do you want to enable and configure it? (yes,no) [no]:


    Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it? (yes,no) [no]:


    Reconfigure Services? (yes,no,selected) [yes]:


    Configuring BIND

    Configuring Pureftpd

    Configuring nginx

    Configuring Apps vhost

    Configuring Jailkit

    Configuring AppArmor

    Configuring Database

    Updating ISPConfig

    ISPConfig Port [8080]:


    Create new ISPConfig SSL certificate (yes,no) [no]:


    Reconfigure Crontab? (yes,no) [yes]:


    Updating Crontab

    Restarting services ...

    Update finished.


    On System Web I've Nginx as system type.



    in php -v I see 7.4 version
     
  11. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    I was responding to your own post in #7, whereby the result you shared says your Debian 11 ISPConfig server was using php 7.3.
    It should be fine if you have fixed it to php 7.4.
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    Did you recreate the website as well, and does it work now?
     
  13. DavideR

    DavideR Member HowtoForge Supporter

    Hi, sorry for delay.
    Now Let's encrypt work's I've re-do:
    update-alternatives --config php
    update-alternatives --config php-cgi

    and now work

    thank's for support
     
    ahrasis likes this.

Share This Page