HI I have issue with ssl let's encrypt. I use the last download iso vm and everything is update (3-2-9p1) I have tried with ispconfig interface but nothing. I tried to use command: acme.sh --issue -d desk-it.sckgroup.it --webroot /var/www/desk-it.sckgroup.it [Fri 12 May 2023 04:29:46 PM CEST] Using CA: https://acme-v02.api.letsencrypt.org/directory [Fri 12 May 2023 04:29:47 PM CEST] Single domain='desk-it.sckgroup.it' [Fri 12 May 2023 04:29:47 PM CEST] Getting domain auth token for each domain [Fri 12 May 2023 04:29:49 PM CEST] Getting webroot for domain='desk-it.sckgroup.it' [Fri 12 May 2023 04:29:49 PM CEST] Verifying: desk-it.sckgroup.it mkdir: cannot create directory ‘/var/www/desk-it.sckgroup.it/.well-known’: Operation not permitted /root/.acme.sh/acme.sh: line 4953: /var/www/desk-it.sckgroup.it/.well-known/acme-challenge/4GbWN7pDDr2oEZEV2qQ_TUjZrZnQ6Zxui7qzReAQuCw: No such file or directory [Fri 12 May 2023 04:29:49 PM CEST] desk-it.sckgroup.it:Can not write token to file : /var/www/desk-it.sckgroup.it/.well-known/acme-challenge/4GbWN7pDDr2oEZEV2qQ_TUjZrZnQ6Zxui7qzReAQuCw [Fri 12 May 2023 04:29:49 PM CEST] Please check log file for more details: /var/log/ispconfig/acme.log The problem seem to be the creation of folder .well-known I have tried to create this folder with: mkdir -p .well-know ......nothing it seems that you cannot create folders in the root of the site I attach image of the site root folders Thank for help
You should never use the acme.sh/certbot command manually. You supplied a incorrect webroot, that explains that this did not work. For debugging LE issues, see https://forum.howtoforge.com/threads/lets-encrypt-error-faq.74179/
Thanks for your anwser, can you help me to fix a webroot. I have tried to follow all point of guide but without success. The strange think is that i cannot create any folder inside web root. I have tried with filezilla and command line
That's not the problem. This will completely break LE, so take care to delete that. The website root folder is a folder named 'web', and according to your screenshot, you can create folders there. Outside of the web folder should no folders be created, so the system just protected you from doing this to not destroy your site. Regarding your initial let#s encrypt problem, follow LE FAQ that @Th0m mentioned.
There is nothing wrong with the web root and its fully accessible, which is the folder named "web". You seem to have tried to uploading files to a different folder outside of the web folder.
The guide says you must post debug output if the first steps did not solve the issue. By not posting it, you just let us know that you did not follow it closely. And you might check out this beginner tutorial on how to add a website to learn a bit more about web hosting an ISPConfig in general: https://www.howtoforge.com/ispconfig-website/
I have deleted the site and i have rebuild it.... I have flaged "Let's Encrypt" from fontend the log is : [Fri 12 May 2023 04:18:15 PM CEST] Running cmd: issue [Fri 12 May 2023 04:18:15 PM CEST] _main_domain='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:15 PM CEST] _alt_domains='no' [Fri 12 May 2023 04:18:15 PM CEST] Using config home:/root/.acme.sh [Fri 12 May 2023 04:18:15 PM CEST] default_acme_server='https://acme-v02.api.letsencrypt.org/directory' [Fri 12 May 2023 04:18:15 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Fri 12 May 2023 04:18:15 PM CEST] DOMAIN_PATH='/root/.acme.sh/desk-it.sckgroup.it_ecc' [Fri 12 May 2023 04:18:15 PM CEST] Le_NextRenewTime [Fri 12 May 2023 04:18:15 PM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Fri 12 May 2023 04:18:15 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Fri 12 May 2023 04:18:15 PM CEST] GET [Fri 12 May 2023 04:18:15 PM CEST] url='https://acme-v02.api.letsencrypt.org/directory' [Fri 12 May 2023 04:18:15 PM CEST] timeout= [Fri 12 May 2023 04:18:15 PM CEST] _WGET='wget -q --content-on-error ' [Fri 12 May 2023 04:18:16 PM CEST] Using sed -i [Fri 12 May 2023 04:18:16 PM CEST] ret='0' [Fri 12 May 2023 04:18:16 PM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Fri 12 May 2023 04:18:16 PM CEST] ACME_NEW_AUTHZ [Fri 12 May 2023 04:18:16 PM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Fri 12 May 2023 04:18:16 PM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Fri 12 May 2023 04:18:16 PM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Fri 12 May 2023 04:18:16 PM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf' [Fri 12 May 2023 04:18:16 PM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Fri 12 May 2023 04:18:16 PM CEST] Using CA: https://acme-v02.api.letsencrypt.org/directory [Fri 12 May 2023 04:18:16 PM CEST] _on_before_issue [Fri 12 May 2023 04:18:16 PM CEST] _chk_main_domain='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:16 PM CEST] _chk_alt_domains [Fri 12 May 2023 04:18:16 PM CEST] Le_LocalAddress [Fri 12 May 2023 04:18:16 PM CEST] d='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:16 PM CEST] Check for domain='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:16 PM CEST] _currentRoot='/var/www/desk-it.sckgroup.it' [Fri 12 May 2023 04:18:16 PM CEST] d [Fri 12 May 2023 04:18:16 PM CEST] _saved_account_key_hash is not changed, skip register account. [Fri 12 May 2023 04:18:16 PM CEST] Read key length:ec-256 [Fri 12 May 2023 04:18:16 PM CEST] _createcsr [Fri 12 May 2023 04:18:16 PM CEST] Single domain='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:16 PM CEST] Getting domain auth token for each domain [Fri 12 May 2023 04:18:16 PM CEST] d [Fri 12 May 2023 04:18:16 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Fri 12 May 2023 04:18:16 PM CEST] payload='{"identifiers": [{"type":"dns","value":"desk-it.sckgroup.it"}]}' [Fri 12 May 2023 04:18:16 PM CEST] RSA key [Fri 12 May 2023 04:18:16 PM CEST] HEAD [Fri 12 May 2023 04:18:16 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Fri 12 May 2023 04:18:16 PM CEST] _WGET='wget -q --content-on-error --read-timeout=3.0 --tries=2 ' [Fri 12 May 2023 04:18:17 PM CEST] Using sed -i [Fri 12 May 2023 04:18:17 PM CEST] _ret='0' [Fri 12 May 2023 04:18:17 PM CEST] POST [Fri 12 May 2023 04:18:17 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Fri 12 May 2023 04:18:17 PM CEST] _WGET='wget -q --content-on-error ' [Fri 12 May 2023 04:18:18 PM CEST] Using sed -i [Fri 12 May 2023 04:18:18 PM CEST] _ret='0' [Fri 12 May 2023 04:18:18 PM CEST] code='201' [Fri 12 May 2023 04:18:18 PM CEST] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/1106293407/181729107027' [Fri 12 May 2023 04:18:18 PM CEST] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1106293407/181729107027' [Fri 12 May 2023 04:18:18 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/227159971477' [Fri 12 May 2023 04:18:18 PM CEST] payload [Fri 12 May 2023 04:18:18 PM CEST] POST [Fri 12 May 2023 04:18:18 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/227159971477' [Fri 12 May 2023 04:18:18 PM CEST] _WGET='wget -q --content-on-error ' [Fri 12 May 2023 04:18:18 PM CEST] Using sed -i [Fri 12 May 2023 04:18:18 PM CEST] _ret='0' [Fri 12 May 2023 04:18:18 PM CEST] code='200' [Fri 12 May 2023 04:18:19 PM CEST] d='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] Getting webroot for domain='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] _w='/var/www/desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] _currentRoot='/var/www/desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/227159971477/pZ0zqw","token":"6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E"' [Fri 12 May 2023 04:18:19 PM CEST] token='6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E' [Fri 12 May 2023 04:18:19 PM CEST] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/227159971477/pZ0zqw' [Fri 12 May 2023 04:18:19 PM CEST] keyauthorization='6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E.8r6NufgysLnShl3bFfZ3QgWr_yarSrdtpgS370FtiwM' [Fri 12 May 2023 04:18:19 PM CEST] dvlist='desk-it.sckgroup.it#6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E.8r6NufgysLnShl3bFfZ3QgWr_yarSrdtpgS370FtiwM#https://acme-v02.api.letsencrypt.or...7/pZ0zqw#http-01#/var/www/desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] d [Fri 12 May 2023 04:18:19 PM CEST] vlist='desk-it.sckgroup.it#6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E.8r6NufgysLnShl3bFfZ3QgWr_yarSrdtpgS370FtiwM#https://acme-v02.api.letsencrypt.or...7/pZ0zqw#http-01#/var/www/desk-it.sckgroup.it,' [Fri 12 May 2023 04:18:19 PM CEST] d='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] ok, let's start to verify [Fri 12 May 2023 04:18:19 PM CEST] Verifying: desk-it.sckgroup.it [Fri 12 May 2023 04:18:19 PM CEST] d='desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] keyauthorization='6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E.8r6NufgysLnShl3bFfZ3QgWr_yarSrdtpgS370FtiwM' [Fri 12 May 2023 04:18:19 PM CEST] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/227159971477/pZ0zqw' [Fri 12 May 2023 04:18:19 PM CEST] _currentRoot='/var/www/desk-it.sckgroup.it' [Fri 12 May 2023 04:18:19 PM CEST] wellknown_path='/var/www/desk-it.sckgroup.it/.well-known/acme-challenge' [Fri 12 May 2023 04:18:19 PM CEST] writing token:6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E to /var/www/desk-it.sckgroup.it/.well-known/acme-challenge/6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E [Fri 12 May 2023 04:18:19 PM CEST] desk-it.sckgroup.it:Can not write token to file : /var/www/desk-it.sckgroup.it/.well-known/acme-challenge/6tG83mzqdKWqcdIrhC4SmIBa6bmu2aLyfDEmlnj-62E [Fri 12 May 2023 04:18:19 PM CEST] pid [Fri 12 May 2023 04:18:19 PM CEST] No need to restore nginx, skip. [Fri 12 May 2023 04:18:19 PM CEST] _clearupdns [Fri 12 May 2023 04:18:19 PM CEST] dns_entries [Fri 12 May 2023 04:18:19 PM CEST] skip dns. [Fri 12 May 2023 04:18:19 PM CEST] _on_issue_err [Fri 12 May 2023 04:18:19 PM CEST] Please check log file for more details: /var/log/ispconfig/acme.log [Fri 12 May 2023 04:18:19 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/227159971477/pZ0zqw' [Fri 12 May 2023 04:18:19 PM CEST] payload='{}' [Fri 12 May 2023 04:18:19 PM CEST] POST [Fri 12 May 2023 04:18:19 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/227159971477/pZ0zqw' [Fri 12 May 2023 04:18:19 PM CEST] _WGET='wget -q --content-on-error ' [Fri 12 May 2023 04:18:20 PM CEST] Using sed -i [Fri 12 May 2023 04:18:20 PM CEST] _ret='0' [Fri 12 May 2023 04:18:20 PM CEST] code='200'
That's not the ISPConfig debug output the FAQ requests you to post. Please follow the FAQ exactly and post the debug output, it will save you and use a lot of time if you just follow it as other actions like manually running acme.sh may make things worse. What you posted seems to be the acme.sh log that shows the result of wrong manual acme.sh command you ran (see post from @Th0m at the beginning), so not related to ISPConfig.
root@webserver:~# /usr/local/ispconfig/server/server.sh 12.05.2023-17:35 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. 12.05.2023-17:35 - DEBUG [server:177] - Found 10 changes, starting update process. 12.05.2023-17:35 - DEBUG [plugins.inc:118] - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'. 12.05.2023-17:35 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:35 - DEBUG [apache2 plugin.inc:2468] - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf 12.05.2023-17:35 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'. 12.05.2023-17:35 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:35 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'. 12.05.2023-17:35 - DEBUG [network settings plugin.inc:249] - Network configuration disabled in server settings. 12.05.2023-17:35 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'. 12.05.2023-17:35 - DEBUG [system.inc:2399] - safe_exec cmd: postconf -e 'smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_unauth_pipelining, permit' - return code: 0 12.05.2023-17:35 - DEBUG [system.inc:2399] - safe_exec cmd: postconf -e 'smtpd_helo_restrictions = permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo, reject_unknown_helo_hostname, permit' - return code: 0 12.05.2023-17:35 - DEBUG [system.inc:2399] - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'server_update' from plugin 'rspamd_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'server_services_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 47 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [apache2 plugin.inc:2468] - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [network settings plugin.inc:249] - Network configuration disabled in server settings. 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: postconf -e 'smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_unauth_pipelining, permit' - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: postconf -e 'smtpd_helo_restrictions = permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo, reject_unknown_helo_hostname, permit' - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'server_update' from plugin 'rspamd_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'server_services_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'. 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 48 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 12.05.2023-17:36 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: chattr -i '/var/www/clients/client0/web3' - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: chattr +i '/var/www/clients/client0/web3' - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: df -T '/var/www/clients/client0/web3'|awk 'END{print $2,$NF}' - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: setquota -u 'web3' '0' '0' 0 0 -a &> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: setquota -T -u 'web3' 604800 604800 -a &> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: chattr +i '/var/www/clients/client0/web3' - return code: 0 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [apache2 plugin.inc:1874] - Writing the vhost file: /etc/apache2/sites-available/desk-it.sckgroup.it.vhost 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:36 - DEBUG [apache2 plugin.inc:3445] - Writing the PHP-FPM config file: /etc/php/8.1/fpm/pool.d/web3.conf 12.05.2023-17:36 - DEBUG [services.inc:56] - Calling function 'restartPHP_FPM' from module 'web_module'. 12.05.2023-17:36 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'php8.1-fpm' 2>&1 - return code: 0 12.05.2023-17:36 - DEBUG [web module.inc:316] - Restarting php-fpm: systemctl reload php8.1-fpm.service 12.05.2023-17:36 - DEBUG [apache2 plugin.inc:1992] - Apache status is: running 12.05.2023-17:36 - DEBUG [services.inc:56] - Calling function 'restartHttpd' from module 'web_module'. 12.05.2023-17:36 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'apache2' 2>&1 - return code: 0 12.05.2023-17:36 - DEBUG [web module.inc:246] - Restarting httpd: systemctl restart apache2.service 12.05.2023-17:36 - DEBUG [apache2 plugin.inc:1995] - Apache restart return value is: 0 12.05.2023-17:36 - DEBUG [apache2 plugin.inc:2006] - Apache online status after restart is: running 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 49 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 50 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 51 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 52 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 53 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 54 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 55 12.05.2023-17:36 - DEBUG [modules.inc:240] - Processed datalog_id 56 12.05.2023-17:36 - DEBUG [services.inc:56] - Calling function 'restartHttpd' from module 'web_module'. 12.05.2023-17:36 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'apache2' 2>&1 - return code: 0 12.05.2023-17:36 - DEBUG [web module.inc:246] - Restarting httpd: systemctl restart apache2.service 12.05.2023-17:36 - DEBUG [services.inc:56] - Calling function 'restartPostfix' from module 'mail_module'. 12.05.2023-17:36 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'postfix' 2>&1 - return code: 0 12.05.2023-17:36 - DEBUG [services.inc:56] - Calling function 'restartRspamd' from module 'mail_module'. 12.05.2023-17:36 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:36 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'rspamd' 2>&1 - return code: 0 12.05.2023-17:36 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock finished server.php.
Thanks, this is the correct output. According to the log, you did not try to enable the let's encrypt checkbox in this debug session. The next steps are: 1) Enable let's encrypt checkbox in this website and press save button. 2) Run server.sh again and post the output that you get now.
12.05.2023-17:42 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. 12.05.2023-17:42 - DEBUG [server:177] - Found 1 changes, starting update process. 12.05.2023-17:42 - DEBUG [plugins.inc:118] - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 12.05.2023-17:42 - DEBUG [plugins.inc:118] - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'. 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: chattr -i '/var/www/clients/client0/web3' - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: chattr +i '/var/www/clients/client0/web3' - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: df -T '/var/www/clients/client0/web3'|awk 'END{print $2,$NF}' - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: setquota -u 'web3' '0' '0' 0 0 -a &> /dev/null - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: setquota -T -u 'web3' 604800 604800 -a &> /dev/null - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: chattr +i '/var/www/clients/client0/web3' - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:42 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'apache2' 2>&1 - return code: 0 12.05.2023-17:42 - DEBUG [letsencrypt.inc:431] - Create Let's Encrypt SSL Cert for: desk-it.sckgroup.it 12.05.2023-17:42 - DEBUG [letsencrypt.inc:432] - Let's Encrypt SSL Cert domains: 12.05.2023-17:42 - DEBUG [system.inc:1819] - exec: R=0 ; C=0 ; /root/.acme.sh/acme.sh --issue -d desk-it.sckgroup.it -w /usr/local/ispconfig/interface/acme --always-force-new-domain-key --keylength 4096; R=$? ; if [ $R -eq 0 -o $R -eq 2 ] ; then /root/.acme.sh/acme.sh --install-cert -d desk-it.sckgroup.it --key-file '/var/www/clients/client0/web3/ssl/desk-it.sckgroup.it-le.key' --fullchain-file '/var/www/clients/client0/web3/ssl/desk-it.sckgroup.it-le.crt' --reloadcmd 'systemctl force-reload apache2.service' --log '/var/log/ispconfig/acme.log'; C=$? ; fi ; if [ $C -eq 0 ] ; then exit $R ; else exit $C ; fi [Fri 12 May 2023 05:42:31 PM CEST] desk-it.sckgroup.it:Verify error:195.32.121.157: Fetching http://desk-it.sckgroup.it/.well-known/acme-challenge/dAnj8qB_nvCx1JjBMRuFkoC8BLFcK1JRUqR7wMlW_ZA: Timeout during connect (likely firewall problem) [Fri 12 May 2023 05:42:31 PM CEST] Please check log file for more details: /var/log/ispconfig/acme.log 12.05.2023-17:42 - WARNING - Let's Encrypt SSL Cert for: desk-it.sckgroup.it could not be issued. 12.05.2023-17:42 - WARNING - R=0 ; C=0 ; /root/.acme.sh/acme.sh --issue -d desk-it.sckgroup.it -w /usr/local/ispconfig/interface/acme --always-force-new-domain-key --keylength 4096; R=$? ; if [ $R -eq 0 -o $R -eq 2 ] ; then /root/.acme.sh/acme.sh --install-cert -d desk-it.sckgroup.it --key-file '/var/www/clients/client0/web3/ssl/desk-it.sckgroup.it-le.key' --fullchain-file '/var/www/clients/client0/web3/ssl/desk-it.sckgroup.it-le.crt' --reloadcmd 'systemctl force-reload apache2.service' --log '/var/log/ispconfig/acme.log'; C=$? ; fi ; if [ $C -eq 0 ] ; then exit $R ; else exit $C ; fi 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:42 - DEBUG [apache2 plugin.inc:1874] - Writing the vhost file: /etc/apache2/sites-available/desk-it.sckgroup.it.vhost 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0 12.05.2023-17:42 - DEBUG [apache2 plugin.inc:3445] - Writing the PHP-FPM config file: /etc/php/7.4/fpm/pool.d/web3.conf 12.05.2023-17:42 - DEBUG [services.inc:56] - Calling function 'restartPHP_FPM' from module 'web_module'. 12.05.2023-17:42 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'php7.4-fpm' 2>&1 - return code: 0 12.05.2023-17:42 - DEBUG [web module.inc:316] - Restarting php-fpm: systemctl reload php7.4-fpm.service 12.05.2023-17:42 - DEBUG [apache2 plugin.inc:1992] - Apache status is: running 12.05.2023-17:42 - DEBUG [services.inc:56] - Calling function 'restartHttpd' from module 'web_module'. 12.05.2023-17:42 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service 12.05.2023-17:42 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'apache2' 2>&1 - return code: 0 12.05.2023-17:42 - DEBUG [web module.inc:246] - Restarting httpd: systemctl restart apache2.service 12.05.2023-17:42 - DEBUG [apache2 plugin.inc:1995] - Apache restart return value is: 0 12.05.2023-17:42 - DEBUG [apache2 plugin.inc:2006] - Apache online status after restart is: running 12.05.2023-17:42 - DEBUG [modules.inc:240] - Processed datalog_id 67 12.05.2023-17:42 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock finished server.php.
Ok, here you have the reason for your issue: Let's encrypt tried to reach that URL but could not reach it due to network timeout. LE must be able to reach the domain from its servers on port 80 to issue the cert. I'm able to reach it from here, but maybe you run some kind of firewall or geo blocking or you use a system like Cloudflare which blocks LE requests. Or you just recently changed DNS over and the DNS response that LE received for your domain still pointed to your old server.
