wrong name when link on cert let's encrypt

Discussion in 'General' started by arnaud69, May 19, 2020.

  1. arnaud69

    arnaud69 New Member

    Hello,
    Since 3 years i'm using ispconfig, i did the last update to 3.1.15p3.
    Since the update i have problems with generation of a new ssl letsencrypt.
    My nginx can't take the certif and is saying doesn't found on the creation of a new domaine (domaine.fr)
    Code:
    ssl_certificate /var/www/clients/client1/web71/ssl/domaine.fr.crt;
    ssl_certificate_key /var/www/clients/client1/web71/ssl/domaine.fr.key;
    When doing a ls -la in the path /var/www/clients/client1/web71/ssl/ i have :
    Code:
    ssl_certificate /var/www/clients/client1/web71/ssl/domaine.fr-le.crt;
    ssl_certificate_key /var/www/clients/client1/web71/ssl/domaine.fr-le.key;
    So, searching why the '-le' is there, i found in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php that you had $cert_paths like this :
    Code:
            $cert_paths = array(
                'domain' => $domain,
                'key' => $ssl_dir.'/'.$domain.'.key',
                'key2' => $ssl_dir.'/'.$domain.'.key.org',
                'csr' => $ssl_dir.'/'.$domain.'.csr',
                'crt' => $ssl_dir.'/'.$domain.'.crt',
                'bundle' => $ssl_dir.'/'.$domain.'.bundle'
            );
          
            if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
                $cert_paths = array(
                    'domain' => $domain,
                    'key' => $ssl_dir.'/'.$domain.'-le.key',
                    'key2' => $ssl_dir.'/'.$domain.'-le.key.org',
                    'crt' => $ssl_dir.'/'.$domain.'-le.crt',
                    'bundle' => $ssl_dir.'/'.$domain.'-le.bundle'
                );
            }
    Of course, seeing the '-le' i commented the test, and now all is right.
    When update isp to 15p3 (went from 3.1.13), i choose of course to reconfigure services.
    So, my questions :
    - why this test and wrinting with '-le' ?
    - the template nginx doesn't seem to have a '-le' (yes i have a conf custom for nginx), so should i update all ?
    Excuse for my poor english, i hope anywhere it's clear for you.
    Many thanks for all !
    Arnaud
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The reason for your issue is that you missed updating your custom Nginx vhost template. Compare your template with the one that ships with ISPConfig 3.1.15p3 and update it accordingly.
     
  3. arnaud69

    arnaud69 New Member

    Ok many thanks, i will do it now
     
  4. arnaud69

    arnaud69 New Member

    Just a quote to say you should remove TLSv1 and TLSv1.1...
     

Share This Page