Unable to create functional SSL certificate for one *site*.

Discussion in 'General' started by Richard Foley, Apr 26, 2020.

  1. Richard Foley

    Richard Foley Member

    I have a number of websites which are all happily served using https certificates generated via IspConfig3 -> LetsEncrypt. These were generated using the checkboxes "SSL" and "Lets Encrypt SSL" from the IspConfig control panel Website -> Web Domain.

    Just now, I've created a new website and, no matter what I do, the SSL checkboxes will not "stick". That is, the SSL (creation) process appears to be called from IspConfig and looks as though it's worked, until I check the Web Domain page, and the checkboxes are blank again.

    Equally, when I look at the site/URL, I see a curl failure:
    Code:
    curl: (60) SSL: no alternative certificate subject name matches target host name
    YES, I know, there is the error! But WHY?!

    I've looked in my logs,
    Code:
    /var/log/{syslog,letsencrypt/letsencrypt.log}
    etc. and see nothing to indicate what the problem might be. In desperation I created a "standalone" certificate, which appeared to work, at least
    Code:
    certbot certificates
    now responds with the certificate as expected. The website appears to just ignore it and return a different website/certificate instead.

    What on earth is going on, does anyone have any helpful ideas/suggestions, please?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please follow each step of the FAQ to find out why the cert creation failed:

    https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/

    I hope you did not use certbot with the apache or Nginx option, which alters config files, as this makes the site unmanageable with ISPConfig until you remove the duplicated config that certbot created.
     
    Richard Foley likes this.
  3. Richard Foley

    Richard Foley Member

    hi Till,
    thanks for your quick reply.
    So I've cleaned the certs out, and the old website too. Then I recreated the website empty, eg; as per isp3 only. I can reach this fine but only via http. I also used the letsencrypt FAQ to follow the logs. I see nothing in there.

    The certificate returned is constantly from a different website, presumably because the correct one is not generated by LE under ISPConfig.

    btw. this is for a subdomain (which I'm using as a main domain as far as isp3 is concerned.) This shouldn't have any effect, as I have multiple subdomains all working just fine, exactly as this one should (but doesn't). I don't see what's different...

    R.

     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    It's not that easy to help when you don't post any debug details nor the le log :) Please post the debug output from server.sh script which is generated by server.sh when you execute it after you enabled the let's encrypt and SSL checkboxes of the website. (FAQ, last step).
     
    Richard Foley likes this.
  5. Richard Foley

    Richard Foley Member

    yes, Till, I hear you, and I finally managed to clue-in to setting the ISPConfig debug level. Strangely this time it worked! Maybe it's like going to the doctor, and the symptoms go away...?

    If it happens again, I'll switch debugging on before posting here. Thanks for the helpful tip!

    R.
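
The curl error quoted in the first post comes from comparing the requested host name with the subjectAltName entries of whatever certificate the server presents. The following is an added example, not part of the thread and not curl's or ISPConfig's code: a simplified RFC 6125-style matcher, with constructed host names, showing why a certificate issued for a different site on the same server is rejected.

```python
# Added example: simplified host name check against a certificate's dNSName
# SAN entries. All host names used with it are constructed sample values.

def san_matches(hostname: str, san: str) -> bool:
    """Return True if one dNSName SAN entry covers hostname."""
    host = hostname.rstrip(".").lower().split(".")
    pattern = san.rstrip(".").lower().split(".")
    if len(host) != len(pattern):
        # A wildcard stands for exactly one label, so label counts must agree.
        return False
    first, rest = pattern[0], pattern[1:]
    if first == "*":
        # Wildcard accepted only as the whole left-most label, and only when
        # at least two labels follow it (so "*.org" never matches).
        return len(rest) >= 2 and host[1:] == rest
    return host == pattern


def diagnose(hostname: str, presented_sans: list[str]) -> str:
    """Explain whether the presented certificate is valid for hostname."""
    matched = [s for s in presented_sans if san_matches(hostname, s)]
    if matched:
        return f"OK: {hostname} is covered by SAN entry {matched[0]}"
    return (f"MISMATCH: {hostname} is not covered by {presented_sans}; "
            "the certificate presented belongs to a different site")


if __name__ == "__main__":
    # Constructed case: the new site has no certificate of its own, and the
    # server presents one issued for another site it hosts.
    other_site_cert = ["example.org", "www.example.org"]
    print(diagnose("new.example.org", other_site_cert))
    # A wildcard covers one label only, not the bare domain or deeper names.
    wildcard_cert = ["*.example.org"]
    for name in ("new.example.org", "example.org", "a.new.example.org"):
        print(diagnose(name, wildcard_cert))
```
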

     
