This is ISPConfig 3.2. When "Rewrite HTTP to HTTPS" is enabled by a user, https://xxa.se/i/20gdopi49kjuss48.png, Lets Encrypt in becomes disabled, https://xxa.se/i/2087k8e4839qk950.png WHen I look at the vhost file, lets encrypt lines have been removed and generic SSL lines added. See https://xxa.se/i/20vcku743k16ao52.png The webpage does not load, it throws ERR_SSL_PROTOCOL_ERROR What could be wrong here? Kind regards Lennart
When "Rewrite HTTP to HTTPS" is enabled the whole 443 VirtualHost container is missing in the vhost file, and the acme lines are added (to the 80 container).
Do you have a custom vhost in /usr/local/ispconfig/server/conf-custom? If so, replace that with the new one in /usr/local/ispconfig/server/conf and tweak it to your needs. You could try doing a force reload aswell. I can't reproduce this issue on a system with 3.2 installed.
No, nothing here. This is not a production system, its a multiserver environment I have put up to evaluate ISPConfig. The install is very native. Assume you are referring to apache, and I have done several test including restarting apache. I attach the vhost file (changed IP and hostname) that is created after the user enables the https redirect. As you can see there is no 443 container. Furthermore the https directive is still there, despite it was disabled: Code: RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE] and acme lines are added: Code: RewriteCond %{REQUEST_URI} ^/\.well-known/acme-challenge/ RewriteRule ^ - [END] which I dont understand since these are absent when there is a working le 443 container, assume you use another method for le to verify. Very strange, I have made several tests with the same result. Well, will have to re-install the server if the root cause cant be find. Since there is no multiserver Debian 10 ISPConfig 3.2 manual for install, I had to combine the ones there are.
I meant force reloading the panel, to see if any code was cached from 3.1.15p3 (which should not be possible, but still) You can also try running a update: Code: cd /tmp wget https://www.ispconfig.org/downloads/ISPConfig-3.2.tar.gz tar xvfz ISPConfig-3.2.tar.gz cd ispconfig3_install/install php -q update.php
I have testes to enable "Rewrite HTTP to HTTPS" as admin, and in that case, no problem. The problem occurs when the user, logged in as the user, enables it.
Doing this, I am logged in on Safari as admin and as the user on Vivaldi, same computer. Will do test with only user logged in.
Just tested that, can't reproduce it as user either. But will double check the code to see if I find something weird. Thanks for sharing the vhost, thats helpful.
Just tested on safari, can't reproduce it. This is a shot in the dark, but maybe it is disabled because Let's Encrypt verification failed? Any errors under Monitor -> System-log?
Have you tested as the user, that is, login as the user? For me, this is when it failes. This is a 3.2 install from scratch. Nothing there that say Let's Encrypt verification failes. When "Rewrite HTTP to HTTPS" is disabled, https works as it should with lets encrypt certificate.
Yes No other issues either? Can you go through these steps: https://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/, enable LE, run the server.sh script, enable the redirect, and then run the script again, and share the outputs here within code tags?
I have seen it, thanks. It seems like the user has no rights for SSL and LE, can you add SSL and LE to their limits and test again? If that works correctly, can you try again after removing rights to LE, but keep SSL enabled in the client limits? It might be this issue but just for SSL: https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4511
Hm, to fast, here is is Code: root@ic:~/tmp/problem_httpsredir# /usr/local/ispconfig/server/server.sh 19.10.2020-20:21 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. 19.10.2020-20:21 - DEBUG - Found 2 changes, starting update process. 19.10.2020-20:21 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 19.10.2020-20:21 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf 19.10.2020-20:21 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 19.10.2020-20:21 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - Network configuration disabled in server settings. 19.10.2020-20:21 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - safe_exec cmd: postconf -e 'smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, reject_rbl_client zen.spamhaus.org, permit_sasl_authenticated, reject_unauth_pipelining, permit' - return code: 0 19.10.2020-20:21 - DEBUG - safe_exec cmd: postconf -e 'smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo, reject_unknown_helo_hostname, permit' - return code: 0 19.10.2020-20:21 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0 19.10.2020-20:21 - DEBUG - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - Processed datalog_id 367 19.10.2020-20:21 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 19.10.2020-20:21 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf 19.10.2020-20:21 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 19.10.2020-20:21 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - Network configuration disabled in server settings. 19.10.2020-20:21 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - safe_exec cmd: postconf -e 'smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, reject_rbl_client zen.spamhaus.org, permit_sasl_authenticated, reject_unauth_pipelining, permit' - return code: 0 19.10.2020-20:21 - DEBUG - safe_exec cmd: postconf -e 'smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo, reject_unknown_helo_hostname, permit' - return code: 0 19.10.2020-20:21 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0 19.10.2020-20:21 - DEBUG - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'. 19.10.2020-20:21 - DEBUG - Processed datalog_id 368 19.10.2020-20:21 - DEBUG - Calling function 'restartHttpd' from module 'web_module'. 19.10.2020-20:21 - DEBUG - Restarting httpd: systemctl restart apache2.service 19.10.2020-20:21 - DEBUG - Calling function 'restartPostfix' from module 'mail_module'. 19.10.2020-20:21 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock finished server.php.
I see quite some changes, but nothing on your website. Did you change settings and run the command after? Remember to comment out the cronjobs aswell.
This is what template Basic says https://xxa.se/i/20n60s2115rjei25.png Is this wrong, should both be enabled? The template Basic has been assigned to the client. However, the custom settings below says something else, but I assume that part is obsolete. https://xxa.se/i/20hy484343plg128.png
Here we are Code: root@ic:~/tmp/problem_httpsredir# /usr/local/ispconfig/server/server.sh 19.10.2020-20:34 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. 19.10.2020-20:34 - DEBUG - Found 1 changes, starting update process. 19.10.2020-20:34 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 19.10.2020-20:34 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 19.10.2020-20:34 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client2/web10' - return code: 0 19.10.2020-20:34 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client2/web10' - return code: 0 19.10.2020-20:34 - DEBUG - safe_exec cmd: df -T '/var/www/clients/client2/web10'|awk 'END{print $2,$NF}' - return code: 0 19.10.2020-20:34 - DEBUG - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0 19.10.2020-20:34 - DEBUG - safe_exec cmd: setquota -u 'web10' '102400' '103424' 0 0 -a &> /dev/null - return code: 0 19.10.2020-20:34 - DEBUG - safe_exec cmd: setquota -T -u 'web10' 604800 604800 -a &> /dev/null - return code: 0 19.10.2020-20:34 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client2/web10' - return code: 0 19.10.2020-20:34 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 19.10.2020-20:34 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/wjk.se.vhost 19.10.2020-20:34 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 19.10.2020-20:34 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web10.conf 19.10.2020-20:34 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'. 19.10.2020-20:34 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service 19.10.2020-20:34 - DEBUG - Apache status is: running 19.10.2020-20:34 - DEBUG - Calling function 'restartHttpd' from module 'web_module'. 19.10.2020-20:34 - DEBUG - Restarting httpd: systemctl restart apache2.service 19.10.2020-20:34 - DEBUG - Apache restart return value is: 0 19.10.2020-20:34 - DEBUG - Apache online status after restart is: running 19.10.2020-20:34 - DEBUG - Processed datalog_id 376 19.10.2020-20:34 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock finished server.php.