cannot activate letsencrypt for one specific site

Discussion in 'Installation/Configuration' started by chico11mbit, Dec 7, 2018.

  1. chico11mbit

    chico11mbit Member HowtoForge Supporter

    Hmm,
    something weird happens. The button for letsencrypt on the setting for a website was deactivated. I cannot activate the letsencrypt button under website. Everytime when i do it, the cronjob is registered (red circle with a 1 inside) but after that the button for letsencrypt is clear and no cert is created.

    I deleted the dirs for the site in /etc/letsencrypt/live ...archive and ...renewal. also i deleted all files in the website folder web/ssl

    What can i do? The page runs 4 years flawlessly.

    Here is the log from letsencrypt.
    Code:
    2018-12-07 15:28:02,134:DEBUG:certbot.main:Root logging level set at 20
    2018-12-07 15:28:02,134:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2018-12-07 15:28:02,135:WARNING:certbot.cli:You are running with an old copy of letsencrypt-auto that does not receive updates, and is less reliable than more recent versions. We recommend upgrading to the latest certbot-auto script, or using native OS packages.
    2018-12-07 15:28:02,135:DEBUG:certbot.cli:Deprecation warning circumstances: /root/.local/share/letsencrypt/bin/letsencrypt / {'LANG': 'de_DE.UTF-8', 'SHELL': '/bin/sh', 'SHLVL': '3', 'PWD': '/usr/local/ispconfig/server', 'LOGNAME': 'root', 'HOME': '/root', 'PATH': '/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin', '_': '/root/.local/share/letsencrypt/bin/letsencrypt'}
    2018-12-07 15:28:02,135:DEBUG:certbot.main:certbot version: 0.9.3
    2018-12-07 15:28:02,135:DEBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'MYDOMAIN.COM', '--domains', 'www.MYDOMAIN.COM', '--webroot-path', '/usr/local/ispconfig/interface/acme']
    2018-12-07 15:28:02,135:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#nginx,PluginEntryPoint#standalone,PluginEntryPoint#manual,PluginEntryPoint#webroot,PluginEntryPoint#apache,PluginEntryPoint#null)
    2018-12-07 15:28:02,135:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2018-12-07 15:28:02,137:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
    Description: Place files in webroot directory
    Interfaces: IAuthenticator, IPlugin
    Entry point: webroot = certbot.plugins.webroot:Authenticator
    Initialized: <certbot.plugins.webroot.Authenticator object at 0x7ff8dbfd93d0>
    Prep: True
    2018-12-07 15:28:02,137:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7ff8dbfd93d0> and installer None
    2018-12-07 15:28:02,581:DEBUG:root:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. args: (), kwargs: {}
    2018-12-07 15:28:02,584:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
    2018-12-07 15:28:03,035:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 658
    2018-12-07 15:28:03,035:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '658', 'Expires': 'Fri, 07 Dec 2018 15:28:03 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 07 Dec 2018 15:28:03 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json'}. Content: '{\n  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",\n  "meta": {\n    "caaIdentities": [\n      "letsencrypt.org"\n    ],\n    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",\n    "website": "https://letsencrypt.org"\n  },\n  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",\n  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",\n  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",\n  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",\n  "zIZx7ZRmo2o": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"\n}'
    2018-12-07 15:28:03,036:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '658', 'Expires': 'Fri, 07 Dec 2018 15:28:03 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 07 Dec 2018 15:28:03 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json'}): '{\n  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",\n  "meta": {\n    "caaIdentities": [\n      "letsencrypt.org"\n    ],\n    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",\n    "website": "https://letsencrypt.org"\n  },\n  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",\n  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",\n  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",\n  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",\n  "zIZx7ZRmo2o": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"\n}'
    2018-12-07 15:28:03,038:DEBUG:certbot.main:Exiting abnormally:
    Traceback (most recent call last):
      File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
        sys.exit(main())
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 776, in main
        return config.func(config, plugins)
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 558, in obtain_cert
        le_client = _init_le_client(config, auth, installer)
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 368, in _init_le_client
        acc, acme = _determine_account(config)
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 353, in _determine_account
        config, account_storage, tos_cb=_tos_cb)
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 120, in register
        regr = perform_registration(acme, config)
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 150, in perform_registration
        return acme.register(messages.NewRegistration.from_data(email=config.email))
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 96, in register
        response = self.net.post(self.directory[new_reg], new_reg)
      File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/messages.py", line 162, in __getitem__
        raise KeyError('Directory field not found')
    KeyError: 'Directory field not found'
     
    Last edited: Dec 7, 2018
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems as if the certbot version is too old. Update certbot to the current version.
     
  3. chico11mbit

    chico11mbit Member HowtoForge Supporter

    Oh. i have never done that before. i thought there is an auto update. how can i do this :-(

    It is ubuntu 14.04LTS
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Go to the certbot website and follow the instructions: https://certbot.eff.org/
    Ubuntu 14.04 does not contain a recent certbot.
     
  5. chico11mbit

    chico11mbit Member HowtoForge Supporter

    got it. i have installed certbot with the first release when ispconfig supported it. it is in /opt/certbot/certbot-auto

    My question:
    is it possible to uninstall that and install it in the way certbot.eff.org in the way the following link explains it with apt?
    I'm unsure and hope you can help me with this. I am afraid to ruin everything.

    https://certbot.eff.org/lets-encrypt/ubuntutrusty-apache
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    I don't run such old Ubuntu systems anymore, so I can't give you a specific answer for Ubuntu 14.04. I would just install the new certbot as explained on certbot site and test if it works then.
     
  7. chico11mbit

    chico11mbit Member HowtoForge Supporter

    ok. lets give it a try. *fingers cross*
     

Share This Page