Help about Let's Encrypt certificates

Discussion in 'ISPConfig 3 Priority Support' started by Christophe69, Dec 30, 2019.

  1. Christophe69

    Christophe69 Member HowtoForge Supporter

    Hello,
    I’m here to ask you for a little help on a problem I’ve had since trying to install the Let’s Encrypt certificate in my server’s administration.

    I must admit that I am quite new to managing a server with the shell.

    To summarize :
    I cannot use Let’s Encryt certificates correctly.

    More details:
    I installed a "Debian 9 Stretch ISPConfig 3.1" operating system from the OVH interface.
    Then I started to transfer my sites, and everything worked fine. LE certificates for my sites was installed correctly.

    But I wanted to install an LE certificate for the administration interface and this is where the problems started….

    I scrupulously followed the tutorial "Securing ISPConfig 3.1 With a Free Let’s Encrypt SSL Certificate" located at this address:
    https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/

    I used the "LE4ISPC" script while respecting the prerequisites:
    1- Created the website for your server via ISPConfig; -> DONE
    2- The website accessible online; -> DONE
    3- ISPConfig SSL enabled (via installation or update); -> DONE
    4- LE SSL successfully enabled for the website. -> DONE

    5- Use « LE4ISPC » -> ERROR

    Following this, the server refused to restart, displaying the error:
    Code:
    Job for apache2.service failed because the control process exited with error code.
    See "systemctl status apache2.service" and "journalctl -xe" for details.
    
    I asked for help from a friend who was able to help me restore the server by restoring ISPConfig using update.php.

    But some errors remain.

    Site certificates no longer want to install, nor does the administration certificate work. I think it is en error related to the bad installation with "LE4ISP" script.

    Here is the log of "Let’s Encrypt" for the last certificate of one of the sites hosted on the server:

    /var/log/letsencrypt/letsencrypt.log
    Code:
    2019-12-30 12:30:03,813:DEBUG:certbot.log:Exiting abnormally:
    Traceback (most recent call last):
      File "/usr/bin/letsencrypt", line 11, in <module>
        load_entry_point('certbot==0.28.0', 'console_scripts', 'certbot')()
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1340, in main
        return config.func(config, plugins)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1209, in certonly
        le_client = _init_le_client(config, auth, installer)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 604, in _init_le_client
        acc, acme = _determine_account(config)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 521, in _determine_account
        config, account_storage, tos_cb=_tos_cb)
      File "/usr/lib/python3/dist-packages/certbot/client.py", line 183, in register
        regr = perform_registration(acme, config, tos_cb)
      File "/usr/lib/python3/dist-packages/certbot/client.py", line 208, in perform_registration
        tos_cb)
      File "/usr/lib/python3/dist-packages/acme/client.py", line 846, in new_account_and_tos
        regr = self.client.register(regr)
      File "/usr/lib/python3/dist-packages/acme/client.py", line 278, in register
        response = self._post(self.directory[new_reg], new_reg)
      File "/usr/lib/python3/dist-packages/acme/client.py", line 95, in _post
        return self.net.post(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/acme/client.py", line 1187, in post
        return self._post_once(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/acme/client.py", line 1201, in _post_once
        response = self._check_response(response, content_type=content_type)
      File "/usr/lib/python3/dist-packages/acme/client.py", line 1056, in _check_response
        raise messages.Error.from_json(jobj)
    acme.messages.Error: urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.
    2019-12-30 12:30:03,814:ERROR:certbot.log:An unexpected error occurred:
    2019-12-30 12:30:03,815:ERROR:certbot.log:The client lacks sufficient authorization :: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.
    
    Of course I read like you that I have to update "ACME" to solve the problem.

    Looking at the state of "Certbot":
    Code:
    [email protected]: /# certbot -v
    Root logging level set at 10
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Requested authenticator None and installer None
    No candidate plugin
    Selected authenticator None and installer None
    Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.
    
    I don't know if this is part of the problem.

    Of course, I read the page:
    https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/


    I tried a previous time to follow many indications given here and there on the forum or on the web, but I cannot seem to have Let’s Encrypt certificates both on the sites and on the administration.

    This is the second installation of ISPConfig that I am doing. I had the same problem the previous time and I had to reinstall everything because I admit that I am unable to solve these kinds of problems ...

    I would appreciate the help of someone experienced on ISPConfig available to solve this problem or help me do it….
    I just want to restore the possibility of using SSL and Let’s Encrypt on my sites, and also use a Let’sEncrypt certificate in my administrations (ISPConfig, PHPMyAdmin, Roundcube).

    I'm willing to pay for help or to do this for me. I can't get out of this problem. I think it is not that complicated but I do not master this job enough to do it….

    Is it possible to find someone who could do it on this forum? Or at least help me?

    I would point out that in parallel with this subject in the forum, I contacted "Business" support to ask if I could get their help and the price it would cost me.

    Thank you in advance to those who will take the time to answer me.
     
  2. Christophe69

    Christophe69 Member HowtoForge Supporter

    To complete the information, here is the information requested on this page:

    https://www.howtoforge.com/community/threads/please-read-before-posting.58408/


    Informations :
    Code:
    OS :  « Debian GNU/Linux 9 (stretch) »
    ISPConfig version : ISPConfig-Version: 3.1.15p2
    
    Installation type : Pre-configured « Debian 9 ISPConfig 3.1 ».
    Server version: Apache/2.4.25 (Debian)
    Server built:   2019-10-13T15:43:54
    
    Report :
    Code:
    [email protected]:/tmp# wget -q -O htf-common-issues.php "http://gitplace.net/pixcept/ispconfig-tools/raw/stable/htf-common-issues.php" && php -q htf-common-issues.php
    
    ##### SCRIPT FINISHED #####
    Results can be found in htf_report.txt
    To view results use your favourite text editor or type 'cat htf_report.txt | more' on the server console.
    
    If you want to see the non-anonymized output start the script with --debug as parameter (php -q htf-common-issues.php --debug).
    
    [email protected]:/tmp# cat htf_report.txt | more
    
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 9.11 (stretch)
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.0.33-14+0~20191218.25+debian9~1.gbpae1889
    
    ##### PORT CHECK #####
    
    [WARN] Port 465 (SMTP server SSL) seems NOT to be listening
    [WARN] Port 22 (SSH server) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Apache 2 (PID 20682)
    [INFO] I found the following mail server(s):
            Unknown process (sendmail:) (PID 926)
    [INFO] I found the following pop3 server(s):
            Dovecot (PID 810)
    [INFO] I found the following imap server(s):
            Dovecot (PID 810)
    [INFO] I found the following ftp server(s):
            PureFTP (PID 25384)
    
    ##### LISTENING PORTS #####
    (seulement              ()
    Adresse         (distante)
    [localhost]:9029                (749/php-fpm:)
    [localhost]:3306                (1148/mysqld)
    [localhost]:587         (926/sendmail:)
    [localhost]:11211               (752/memcached)
    [localhost]:9100                (848/noderig)
    [anywhere]:110          (810/dovecot)
    [anywhere]:143          (810/dovecot)
    [anywhere]:53618                (795/sshd)
    [anywhere]:21           (25384/pure-ftpd)
    ***.***.***.***:53              (750/named)
    [localhost]:53          (750/named)
    [localhost]:25          (926/sendmail:)
    [localhost]:953         (750/named)
    [localhost]:9020                (749/php-fpm:)
    [anywhere]:993          (810/dovecot)
    [anywhere]:995          (810/dovecot)
    [localhost]10           (810/dovecot)
    [localhost]43           (810/dovecot)
    *:*:*:*::*:80           (20682/apache2)
    *:*:*:*::*:8080         (20682/apache2)
    *:*:*:*::*:8081         (20682/apache2)
    *:*:*:*::*:53618                (795/sshd)
    *:*:*:*::*:21           (25384/pure-ftpd)
    *:*:*:*::*:53           (750/named)
    *:*:*:*::*:953          (750/named)
    *:*:*:*::*:443          (20682/apache2)
    *:*:*:*::*:993          (810/dovecot)
    *:*:*:*::*:995          (810/dovecot)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    f2b-pureftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    f2b-dovecot-pop3imap  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993
    f2b-postfix  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25,465,587
    f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain f2b-dovecot-pop3imap (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-postfix (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-pureftpd (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Note: Port 22 is disabled but this is normal.

    Edit: Apache version:
    Code:
    apachectl -V
    AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:69
    [Tue Dec 31 00:17:45.096083 2019] [alias:warn] [pid 551] AH00671: The Alias directive in /etc/apache2/sites-enabled/ispconfig.conf at line 64 will probably never match because it overlaps an earlier Alias.
    Server version: Apache/2.4.25 (Debian)
    Server built:   2019-10-13T15:43:54
    Server's Module Magic Number: xxxxxxxx:xx
    Server loaded:  APR 1.5.2, APR-UTIL 1.5.4
    Compiled using: APR 1.5.2, APR-UTIL 1.5.4
    Architecture:   64-bit
    Server MPM:     prefork
      threaded:     no
        forked:     yes (variable process count)
    Server compiled with....
     -D APR_HAS_SENDFILE
     -D APR_HAS_MMAP
     -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
     -D APR_USE_SYSVSEM_SERIALIZE
     -D APR_USE_PTHREAD_SERIALIZE
     -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
     -D APR_HAS_OTHER_CHILD
     -D AP_HAVE_RELIABLE_PIPED_LOGS
     -D DYNAMIC_MODULE_LIMIT=256
     -D HTTPD_ROOT="/etc/apache2"
     -D SUEXEC_BIN="/usr/lib/apache2/suexec"
     -D DEFAULT_PIDLOG="/var/run/apache2.pid"
     -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
     -D DEFAULT_ERRORLOG="logs/error_log"
     -D AP_TYPES_CONFIG_FILE="mime.types"
     -D SERVER_CONFIG_FILE="apache2.conf"
    
     
    Last edited: Dec 31, 2019
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems that the certbot version on your server is too old, try to update it with:

    Code:
    apt-get remove certbot
    cd /usr/local/bin
    wget https://dl.eff.org/certbot-auto
    chmod a+x certbot-auto
    ./certbot-auto --install-only
     
  4. Christophe69

    Christophe69 Member HowtoForge Supporter

    Thank you for your response, Till.

    I have done your commands.
    After that, i have tested to check SSL / Let's encrypt of one of my website in the interface, but the checkbox return to "unchecked".

    Do I need to restart Apache or start Cerbot?

    Here is my "var/log/letsencrypt.log" since 16:00 today.
    I have tested to test SSL/LE for my site at 19:30, i don't understand why there is no entry here:

    Code:
    2019-12-30 16:13:34,167:DEBUG:certbot.main:certbot version: 0.28.0
    2019-12-30 16:13:34,168:DEBUG:certbot.main:Arguments: ['-v']
    2019-12-30 16:13:34,168:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2019-12-30 16:13:34,174:DEBUG:certbot.log:Root logging level set at 10
    2019-12-30 16:13:34,174:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2019-12-30 16:13:34,175:DEBUG:certbot.plugins.selection:Requested authenticator None and installer None
    2019-12-30 16:13:34,175:DEBUG:certbot.plugins.selection:No candidate plugin
    2019-12-30 16:13:34,175:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
    2019-12-30 19:13:46,458:DEBUG:certbot.main:certbot version: 0.28.0
    2019-12-30 19:13:46,459:DEBUG:certbot.main:Arguments: ['-q']
    2019-12-30 19:13:46,459:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2019-12-30 19:13:46,464:DEBUG:certbot.log:Root logging level set at 30
    2019-12-30 19:13:46,465:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2019-12-30 19:13:46,470:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7fd777ee5a58> and installer <certbot.cli._Default object at 0x7fd777ee5a58>
    2019-12-30 19:13:46,473:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,474:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,475:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,476:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,478:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,478:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,480:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,480:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,482:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,482:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,484:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,484:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,486:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,486:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,488:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,488:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,490:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,491:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,492:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,493:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,494:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,495:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,497:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,497:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,499:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,499:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,501:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,501:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,503:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,503:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,505:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,505:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,507:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,508:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,508:WARNING:certbot.renewal:
    Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 64, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python3/dist-packages/certbot/storage.py", line 441, in __init__
        "file reference".format(self.configfile))
    certbot.errors.CertStorageError: renewal config file {} is missing a required file reference
    2019-12-30 19:13:46,508:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/ns3009231.ip-151-80-21.eu.conf is broken. Skipping.
    2019-12-30 19:13:46,508:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 64, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python3/dist-packages/certbot/storage.py", line 441, in __init__
        "file reference".format(self.configfile))
    certbot.errors.CertStorageError: renewal config file {} is missing a required file reference
    
    2019-12-30 19:13:46,510:INFO:certbot.renewal:Cert not yet due for renewal
    2019-12-30 19:13:46,511:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2019-12-30 19:13:46,511:DEBUG:certbot.log:Exiting abnormally:
    Traceback (most recent call last):
      File "/usr/bin/certbot", line 11, in <module>
        load_entry_point('certbot==0.28.0', 'console_scripts', 'certbot')()
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1340, in main
        return config.func(config, plugins)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1247, in renew
        renewal.handle_renewal_request(config)
      File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 455, in handle_renewal_request
        len(renew_failures), len(parse_failures)))
    certbot.errors.Error: 0 renew failure(s), 1 parse failure(s)
    
     
    Last edited: Dec 30, 2019
  5. till

    till Super Moderator Staff Member ISPConfig Developer

  6. Christophe69

    Christophe69 Member HowtoForge Supporter

    Thank you. I was thinking about doing this. I will activate debug mode in a few minutes.
    First, I download the backups of my websites because I'm afraid to restart Apache if we need it.
    As I said, I am beginner in managing servers, and, if it doesn't restart, like Sunday, I might be unable to restart it without outside help.

    I'll post the output of debug.sh in few minutes.
     
  7. Christophe69

    Christophe69 Member HowtoForge Supporter

    /usr/local/ispconfig/server/server.sh
    Code:
    30.12.2019-21:28 - DEBUG - Unable to register function 'spamfilter_wblist_insert' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_insert'
    30.12.2019-21:28 - DEBUG - Unable to register function 'spamfilter_wblist_update' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_update'
    30.12.2019-21:28 - DEBUG - Unable to register function 'spamfilter_wblist_delete' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_delete'
    30.12.2019-21:28 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_insert'
    30.12.2019-21:28 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_update'
    30.12.2019-21:28 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_delete'
    30.12.2019-21:28 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    30.12.2019-21:28 - DEBUG - Found 1 changes, starting update process.
    30.12.2019-21:28 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    30.12.2019-21:28 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    30.12.2019-21:28 - DEBUG - Create Let's Encrypt SSL Cert for: monsite.fr
    30.12.2019-21:28 - DEBUG - Let's Encrypt SSL Cert domains: monsite.fr --domains www.monsite.fr
    30.12.2019-21:28 - WARNING - Let's Encrypt SSL Cert for: monsite.fr could not be issued.
    30.12.2019-21:28 - DEBUG - chmod failed: /var/www/clients/client0/web8/ssl/monsite.fr.key.old.20191230212830 : 256
    30.12.2019-21:28 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/monsite.fr.vhost
    30.12.2019-21:28 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web8.conf
    30.12.2019-21:28 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
    30.12.2019-21:28 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service
    30.12.2019-21:28 - DEBUG - Apache status is: running
    30.12.2019-21:28 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    30.12.2019-21:28 - DEBUG - Restarting httpd: systemctl restart apache2.service
    30.12.2019-21:28 - DEBUG - Apache restart return value is: 0
    30.12.2019-21:28 - DEBUG - Apache online status after restart is: running
    30.12.2019-21:28 - DEBUG - Processed datalog_id 311
    30.12.2019-21:28 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.
    
    Several errors here...
    Chmod failed?

    When i test the chmod value of this file:

    Code:
    stat --format '%a'  /var/www/clients/client0/web8/ssl/monsite.fr.key.old.20191230212830
    stat: impossible d'évaluer '/var/www/clients/client0/web8/ssl/monsite.fr.key.old.20191230212830': Aucun fichier ou dossier de ce type
    
    No file or directory??

    The directory:

    Code:
    [email protected]:/var/www/clients/client0/web8/ssl# ls -l
    total 216
    lrwxrwxrwx 1 root root   49 déc.  30 21:28 monsite.fr.bundle -> /etc/letsencrypt/live/monsite.fr/chain.pem
    -r-------- 1 root root 1647 déc.  30 19:34 monsite.fr.bundle.old.20191230193401
    -r-------- 1 root root 1647 déc.  30 21:28 monsite.fr.bundle.old.20191230212830
    lrwxrwxrwx 1 root root   48 déc.  30 21:28 monsite.fr.crt -> /etc/letsencrypt/live/monsite.fr/cert.pem
    -r-------- 1 root root 2293 déc.  30 19:34 monsite.fr.crt.old.20191230193401
    -r-------- 1 root root 2293 déc.  30 21:28 monsite.fr.crt.old.20191230212830
    lrwxrwxrwx 1 root root   51 déc.  30 21:28 monsite.fr.key -> /etc/letsencrypt/live/monsite.fr/privkey.pem
    -rw-r--r-- 1 root root 3268 déc.  30 19:34 monsite.fr.key.old20191230193401
    -rw-r--r-- 1 root root 3268 déc.  30 21:28 monsite.fr.key.old20191230212830
    lrwxrwxrwx 1 root root   49 déc.  20 04:45 monsite.fr-le.bundle -> /etc/letsencrypt/live/monsite.fr/chain.pem
    -r-------- 1 root root 1647 déc.  19 07:30 monsite.fr-le.bundle.old.20191219073017
    -r-------- 1 root root 1647 déc.  19 07:44 monsite.fr-le.bundle.old.20191219074402
    -r-------- 1 root root 1647 déc.  19 08:21 monsite.fr-le.bundle.old.20191219082102
    -r-------- 1 root root 1647 déc.  19 08:22 monsite.fr-le.bundle.old.20191219082202
    -r-------- 1 root root 1647 déc.  19 08:25 monsite.fr-le.bundle.old.20191219082503
    -r-------- 1 root root 1647 déc.  19 09:03 monsite.fr-le.bundle.old.20191219090303
    -r-------- 1 root root 1647 déc.  19 09:03 monsite.fr-le.bundle.old.20191219090308
    -r-------- 1 root root 1647 déc.  19 09:13 monsite.fr-le.bundle.old.20191219091303
    -r-------- 1 root root 1647 déc.  19 09:13 monsite.fr-le.bundle.old.20191219091308
    -r-------- 1 root root 1647 déc.  19 09:13 monsite.fr-le.bundle.old.20191219091313
    -r-------- 1 root root 1647 déc.  20 03:55 monsite.fr-le.bundle.old.20191220035503
    -r-------- 1 root root 1647 déc.  20 04:45 monsite.fr-le.bundle.old.20191220044503
    lrwxrwxrwx 1 root root   53 déc.  20 04:45 monsite.fr-le.crt -> /etc/letsencrypt/live/monsite.fr/fullchain.pem
    -r-------- 1 root root 3940 déc.  19 07:30 monsite.fr-le.crt.old.20191219073017
    -r-------- 1 root root 3907 déc.  19 07:44 monsite.fr-le.crt.old.20191219074402
    -r-------- 1 root root 3940 déc.  19 08:21 monsite.fr-le.crt.old.20191219082102
    -r-------- 1 root root 3940 déc.  19 08:22 monsite.fr-le.crt.old.20191219082202
    -r-------- 1 root root 3907 déc.  19 08:25 monsite.fr-le.crt.old.20191219082503
    -r-------- 1 root root 3940 déc.  19 09:03 monsite.fr-le.crt.old.20191219090303
    -r-------- 1 root root 3940 déc.  19 09:03 monsite.fr-le.crt.old.20191219090308
    -r-------- 1 root root 3940 déc.  19 09:13 monsite.fr-le.crt.old.20191219091303
    -r-------- 1 root root 3940 déc.  19 09:13 monsite.fr-le.crt.old.20191219091308
    -r-------- 1 root root 3940 déc.  19 09:13 monsite.fr-le.crt.old.20191219091313
    -r-------- 1 root root 3940 déc.  20 03:55 monsite.fr-le.crt.old.20191220035503
    -r-------- 1 root root 3907 déc.  20 04:45 monsite.fr-le.crt.old.20191220044503
    lrwxrwxrwx 1 root root   51 déc.  20 04:45 monsite.fr-le.key -> /etc/letsencrypt/live/monsite.fr/privkey.pem
    -r-------- 1 root root 3268 déc.  19 07:30 monsite.fr-le.key.old.20191219073017
    -r-------- 1 root root 3272 déc.  19 07:44 monsite.fr-le.key.old.20191219074402
    -r-------- 1 root root 3268 déc.  19 08:21 monsite.fr-le.key.old.20191219082102
    -r-------- 1 root root 3268 déc.  19 08:22 monsite.fr-le.key.old.20191219082202
    -r-------- 1 root root 3272 déc.  19 08:25 monsite.fr-le.key.old.20191219082503
    -r-------- 1 root root 3268 déc.  19 09:03 monsite.fr-le.key.old.20191219090303
    -r-------- 1 root root 3268 déc.  19 09:03 monsite.fr-le.key.old.20191219090308
    -r-------- 1 root root 3268 déc.  19 09:13 monsite.fr-le.key.old.20191219091303
    -r-------- 1 root root 3268 déc.  19 09:13 monsite.fr-le.key.old.20191219091308
    -r-------- 1 root root 3268 déc.  19 09:13 monsite.fr-le.key.old.20191219091313
    -r-------- 1 root root 3268 déc.  20 03:55 monsite.fr-le.key.old.20191220035503
    -r-------- 1 root root 3272 déc.  20 04:45 monsite.fr-le.key.old.20191220044503
    lrwxrwxrwx 1 root root   53 déc.  19 08:20 www.monsite.fr-le.bundle -> /etc/letsencrypt/live/www.monsite.fr/chain.pem
    -r-------- 1 root root 1647 déc.  19 07:57 www.monsite.fr-le.bundle.old.20191219075703
    -r-------- 1 root root 1647 déc.  19 08:01 www.monsite.fr-le.bundle.old.20191219080103
    -r-------- 1 root root 1647 déc.  19 08:07 www.monsite.fr-le.bundle.old.20191219080703
    -r-------- 1 root root 1647 déc.  19 08:20 www.monsite.fr-le.bundle.old.20191219082003
    lrwxrwxrwx 1 root root   57 déc.  19 08:20 www.monsite.fr-le.crt -> /etc/letsencrypt/live/www.monsite.fr/fullchain.pem
    -r-------- 1 root root 3924 déc.  19 07:57 www.monsite.fr-le.crt.old.20191219075703
    -r-------- 1 root root 3940 déc.  19 08:01 www.monsite.fr-le.crt.old.20191219080103
    -r-------- 1 root root 3940 déc.  19 08:07 www.monsite.fr-le.crt.old.20191219080703
    -r-------- 1 root root 3940 déc.  19 08:20 www.monsite.fr-le.crt.old.20191219082003
    lrwxrwxrwx 1 root root   55 déc.  19 08:20 www.monsite.fr-le.key -> /etc/letsencrypt/live/www.monsite.fr/privkey.pem
    -r-------- 1 root root 3272 déc.  19 07:57 www.monsite.fr-le.key.old.20191219075703
    -r-------- 1 root root 3268 déc.  19 08:01 www.monsite.fr-le.key.old.20191219080103
    -r-------- 1 root root 3268 déc.  19 08:07 www.monsite.fr-le.key.old.20191219080703
    -r-------- 1 root root 3268 déc.  19 08:20 www.monsite.fr-le.key.old.20191219082003
    What happened here?

    Is see a file named "monsite.fr.key.old20191230212830" at
    21:28 without point between "old" and "20191230212830"????
     
    Last edited: Dec 30, 2019
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats uncritical, these are backups and not used. The actual problem is this:

    30.12.2019-21:28 - WARNING - Let's Encrypt SSL Cert for: monsite.fr could not be issued.

    which means that LE failed, all other issues are just follow up problems of that.

    Please post the result of:

    ls -la /etc/letsencrypt/live/monsite.fr/
     
  9. Christophe69

    Christophe69 Member HowtoForge Supporter

    Thank you for your help, Till.
    The result of
    ls -la /etc/letsencrypt/live/monsite.fr/
    Code:
    total 12
    drwxr-xr-x  2 root root 4096 déc.  18 03:57 .
    drwx------ 21 root root 4096 déc.  29 13:54 ..
    lrwxrwxrwx  1 root root   41 déc.  18 03:57 cert.pem -> ../../archive/monsite.fr/cert1.pem
    lrwxrwxrwx  1 root root   42 déc.  18 03:57 chain.pem -> ../../archive/monsite.fr/chain1.pem
    lrwxrwxrwx  1 root root   46 déc.  18 03:57 fullchain.pem -> ../../archive/monsite.fr/fullchain1.pem
    lrwxrwxrwx  1 root root   44 déc.  18 03:57 privkey.pem -> ../../archive/monsite.fr/privkey1.pem
    -rw-r--r--  1 root root  692 déc.  18 03:57 README
     
  10. Christophe69

    Christophe69 Member HowtoForge Supporter

    If it can help, here is my configuration "System > Server > Web > SSL Settings"
    Code:
    Enable SNI: true
    Makes SPDY available: false
    CA Path:
    CA passphrase:
    "Ca Path" and "CA passphrase" are empty. I don't know if it is a standard/correct configuration...
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    Ok, this looks fine so far. Please post the result of this command too:

    ls -la ls -la /etc/letsencrypt/archive/monsite.fr/

    That's ok, these settings are not relevant for Let's encrypt.
     
  12. Christophe69

    Christophe69 Member HowtoForge Supporter

    ls -la /etc/letsencrypt/archive/monsite.fr/
    Code:
    total 24
    drwxr-xr-x  2 root root 4096 déc.  18 03:57 .
    drwx------ 21 root root 4096 déc.  29 13:54 ..
    -rw-r--r--  1 root root 2293 déc.  18 03:57 cert1.pem
    -rw-r--r--  1 root root 1647 déc.  18 03:57 chain1.pem
    -rw-r--r--  1 root root 3940 déc.  18 03:57 fullchain1.pem
    -rw-r--r--  1 root root 3268 déc.  18 03:57 privkey1.pem
     
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    Ok, so the SSL certificate for the website exists but it tries to recreate it nonetheless and says that it failed. There must be a general issue with certbot. Probably the failed ssl cert for ns3009231.ip-151-80-21.eu causes certbot to get stuck. Please run the command:

    certbot delete

    it should show you a lit of domains, choose the cert for ns3009231.ip-151-80-21.eu by typing the list number.
     
  14. Christophe69

    Christophe69 Member HowtoForge Supporter

    I found and deleted two entries.

    certbot-auto delete
    Code:
    8: ns3009231.ip-151-80-21.eu-0001
    9: ns3009231.ip-151-80-21.eu
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Select the appropriate numbers separated by commas and/or spaces, or leave input
    blank to select all options shown (Enter 'c' to cancel): 8 9
    
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Deleted all files relating to certificate ns3009231.ip-151-80-21.eu-0001.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    An unexpected error occurred:
    TypeError: coercing to Unicode: need string or buffer, NoneType found
    Please see the logfiles in /var/log/letsencrypt for more details.
    
    Maybe the error resulted from my attempt to delete 8 and 9 at the same time.

    /var/log/letsencrypt/letsencrypt.log
    Code:
    2019-12-31 10:53:50,805:DEBUG:certbot._internal.main:certbot version: 1.0.0
    2019-12-31 10:53:50,805:DEBUG:certbot._internal.main:Arguments: []
    2019-12-31 10:53:50,805:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2019-12-31 10:53:50,818:DEBUG:certbot._internal.log:Root logging level set at 20
    2019-12-31 10:53:50,819:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2019-12-31 10:55:12,354:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/renewal/ns3009231.ip-151-80-21.eu-0001.conf
    2019-12-31 10:55:12,354:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/ns3009231.ip-151-80-21.eu-0001/cert.pem
    2019-12-31 10:55:12,354:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/ns3009231.ip-151-80-21.eu-0001/privkey.pem
    2019-12-31 10:55:12,355:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/ns3009231.ip-151-80-21.eu-0001/chain.pem
    2019-12-31 10:55:12,355:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/ns3009231.ip-151-80-21.eu-0001/fullchain.pem
    2019-12-31 10:55:12,355:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/ns3009231.ip-151-80-21.eu-0001/README
    2019-12-31 10:55:12,355:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/ns3009231.ip-151-80-21.eu-0001
    2019-12-31 10:55:12,355:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/archive/ns3009231.ip-151-80-21.eu-0001
    2019-12-31 10:55:12,356:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/renewal/ns3009231.ip-151-80-21.eu.conf
    2019-12-31 10:55:12,356:DEBUG:certbot._internal.log:Exiting abnormally:
    Traceback (most recent call last):
      File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in <module>
        sys.exit(main())
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 14, in main
        return internal_main.main(cli_args)
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1350, in main
        return config.func(config, plugins)
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1008, in delete
        cert_manager.delete(config)
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/cert_manager.py", line 95, in delete
        storage.delete_files(config, certname)
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/storage.py", line 345, in delete_files
        os.remove(link)
    TypeError: coercing to Unicode: need string or buffer, NoneType found
    2019-12-31 10:55:12,359:ERROR:certbot._internal.log:An unexpected error occurred:
    2019-12-31 10:55:28,756:DEBUG:certbot._internal.main:certbot version: 1.0.0
    2019-12-31 10:55:28,756:DEBUG:certbot._internal.main:Arguments: []
    2019-12-31 10:55:28,756:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2019-12-31 10:55:28,768:DEBUG:certbot._internal.log:Root logging level set at 20
    2019-12-31 10:55:28,769:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    
    After that, if i retry "certbot-auto delete", there are no more entries for ns3009231.ip-151-80-21.eu.
    But in ISPConfig interface, checkboxes SSL and LE are allways checked for the domain ns3009231.ip-151-80-21.eu.
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    Leave the site ns3009231.ip-151-80-21.eu alone for now as Let's encrypt seem to fail to issue a cert for it. Does enabling SSL and Let's encrypt in your other site is working now?
     
  16. Christophe69

    Christophe69 Member HowtoForge Supporter

    Apache has not been restarted. All my sites are disconnected now :(.

    /var/log/syslog
    Code:
    Dec 31 11:25:01 ns3009231 CRON[12365]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
    Dec 31 11:25:01 ns3009231 CRON[12366]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:25:01 ns3009231 CRON[12367]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
    Dec 31 11:25:01 ns3009231 CRON[12368]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:25:01 ns3009231 pure-ftpd: ([email protected]::1) [INFO] New connection from ::1
    Dec 31 11:25:01 ns3009231 pure-ftpd: ([email protected]::1) [INFO] Logout.
    Dec 31 11:25:38 ns3009231 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=91.170.143.200, lip=151.80.21.61, session=<opyYYf2ah3Vbqo/I>
    Dec 31 11:25:38 ns3009231 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=91.170.143.200, lip=151.80.21.61, session=<ZW+aYf2aiHVbqo/I>
    Dec 31 11:25:40 ns3009231 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=91.170.143.200, lip=151.80.21.61, session=<xRyeYf2aiXVbqo/I>
    Dec 31 11:26:01 ns3009231 CRON[13287]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:26:01 ns3009231 CRON[13288]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:27:01 ns3009231 CRON[13958]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:27:01 ns3009231 CRON[13959]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:27:03 ns3009231 systemd[1]: Reloading The PHP 7.3 FastCGI Process Manager.
    Dec 31 11:27:03 ns3009231 systemd[1]: Reloaded The PHP 7.3 FastCGI Process Manager.
    Dec 31 11:27:03 ns3009231 systemd[1]: Stopping The Apache HTTP Server...
    Dec 31 11:27:03 ns3009231 apachectl[14688]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:69
    Dec 31 11:27:03 ns3009231 apachectl[14688]: AH00526: Syntax error on line 143 of /etc/apache2/sites-enabled/100-ns3009231.ip-151-80-21.eu.vhost:
    Dec 31 11:27:03 ns3009231 apachectl[14688]: SSLCertificateFile: file '/var/www/clients/client0/web19/ssl/ns3009231.ip-151-80-21.eu-le.crt' does not exist or is empty
    Dec 31 11:27:03 ns3009231 apachectl[14688]: Action 'stop' failed.
    Dec 31 11:27:03 ns3009231 apachectl[14688]: The Apache error log may have more information.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Control process exited, code=exited status=1
    Dec 31 11:27:03 ns3009231 systemd[1]: Stopped The Apache HTTP Server.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Unit entered failed state.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Failed with result 'exit-code'.
    Dec 31 11:27:03 ns3009231 systemd[1]: Starting The Apache HTTP Server...
    Dec 31 11:27:03 ns3009231 apachectl[14729]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:69
    Dec 31 11:27:03 ns3009231 apachectl[14729]: AH00526: Syntax error on line 143 of /etc/apache2/sites-enabled/100-ns3009231.ip-151-80-21.eu.vhost:
    Dec 31 11:27:03 ns3009231 apachectl[14729]: SSLCertificateFile: file '/var/www/clients/client0/web19/ssl/ns3009231.ip-151-80-21.eu-le.crt' does not exist or is empty
    Dec 31 11:27:03 ns3009231 apachectl[14729]: Action 'start' failed.
    Dec 31 11:27:03 ns3009231 apachectl[14729]: The Apache error log may have more information.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Control process exited, code=exited status=1
    Dec 31 11:27:03 ns3009231 systemd[1]: Failed to start The Apache HTTP Server.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Unit entered failed state.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Failed with result 'exit-code'.
    Dec 31 11:27:10 ns3009231 systemd[1]: Starting The Apache HTTP Server...
    Dec 31 11:27:10 ns3009231 apachectl[14752]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:69
    Dec 31 11:27:10 ns3009231 apachectl[14752]: AH00526: Syntax error on line 143 of /etc/apache2/sites-enabled/100-ns3009231.ip-151-80-21.eu.vhost:
    Dec 31 11:27:10 ns3009231 apachectl[14752]: SSLCertificateFile: file '/var/www/clients/client0/web19/ssl/ns3009231.ip-151-80-21.eu-le.crt' does not exist or is empty
    Dec 31 11:27:10 ns3009231 apachectl[14752]: Action 'start' failed.
    Dec 31 11:27:10 ns3009231 apachectl[14752]: The Apache error log may have more information.
    Dec 31 11:27:10 ns3009231 systemd[1]: apache2.service: Control process exited, code=exited status=1
    Dec 31 11:27:10 ns3009231 systemd[1]: Failed to start The Apache HTTP Server.
    Dec 31 11:27:10 ns3009231 systemd[1]: apache2.service: Unit entered failed state.
    Dec 31 11:27:10 ns3009231 systemd[1]: apache2.service: Failed with result 'exit-code'.
    Dec 31 11:28:01 ns3009231 CRON[14773]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:28:01 ns3009231 CRON[14774]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    [email protected]:/var/log# ^C
    [email protected]:/var/log# Dec 31 11:25:01 ns3009231 CRON[12365]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
    Dec 31 11:27:03 ns3009231 apachectl[14688]: AH00526: Syntax error on line 143 of /etc/apache2/sites-enabled/100-ns3009231.ip-151-80-21.eu.vhost:
    Dec 31 11:27:03 ns3009231 apachectl[14688]: SSLCertificateFile: file '/var/www/clients/client0/web19/ssl/ns3009231.ip-151-80-21.eu-le.crt' does not exist or is empty
    Dec 31 11:27:03 ns3009231 apachectl[14688]: Action 'stop' failed.
    Dec 31 11:27:03 ns3009231 apachectl[14688]: The Apache error log may have more information.
    Dec 31 11:27:03 ns3009231 systemd[bash: erreur de syntaxe près du symbole inattendu « ( »
    1]: apache2.service: Control process exited, code=exited status=1
    Dec 31 11:27:03 ns3009231 systemd[1]: Stopped The Apache HTTP Server.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Unit entered failed state.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Failed with result 'exit-code'.
    Dec 31 11:27:03 ns3009231 systemd[1]: Starting The Apache HTTP Server...
    
     
  17. till

    till Super Moderator Staff Member ISPConfig Developer

    run:

    rm /etc/apache2/sites-enabled/100-ns3009231.ip-151-80-21.eu.vhost

    to disable the site for the hostname and then restart apache.
     
  18. Christophe69

    Christophe69 Member HowtoForge Supporter

    Second part of the log
    Code:
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Unit entered failed state.
    Dec 31 11:27:03 ns3009231 systemd[1]: apache2.service: Failed with result 'exit-code'.
    Dec 31 11:27:10 ns3009231 systemd[1]: Starting The Apache HTTP Server...
    Dec 31 11:27:10 ns3009231 apachectl[14752]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:69
    Dec 31 11:27:10 ns3009231 apachectl[14752]: AH00526: Syntax error on line 143 of /etc/apache2/sites-enabled/100-ns3009231.ip-151-80-21.eu.vhost:
    Dec 31 11:27:10 ns3009231 apachectl[14752]: SSLCertificateFile: file '/var/www/clients/client0/web19/ssl/ns3009231.ip-151-80-21.eu-le.crt' does not exist or is empty
    Dec 31 11:27:10 ns3009231 apachectl[14752]: Action 'start' failed.
    Dec 31 11:27:10 ns3009231 apachectl[14752]: The Apache error log may have more information.
    Dec 31 11:27:10 ns3009231 systemd[1]: apache2.service: Control process exited, code=exited status=1
    Dec 31 11:27:10 ns3009231 systemd[1]: Failed to start The Apache HTTP Server.
    Dec 31 11:27:10 ns3009231 systemd[1]: apache2.service: Unit entered failed state.
    Dec 31 11:27:10 ns3009231 systemd[1]: apache2.service: Failed with result 'exit-code'.
    Dec 31 11:28:01 ns3009231 CRON[14773]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:28:01 ns3009231 CRON[14774]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:29:01 ns3009231 CRON[15446]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:29:01 ns3009231 CRON[15447]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:30:01 ns3009231 CRON[16151]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:30:01 ns3009231 CRON[16150]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
    Dec 31 11:30:01 ns3009231 CRON[16152]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:30:01 ns3009231 pure-ftpd: ([email protected]::1) [INFO] New connection from ::1
    Dec 31 11:30:01 ns3009231 pure-ftpd: ([email protected]::1) [INFO] Logout.
    Dec 31 11:31:01 ns3009231 CRON[17068]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:31:01 ns3009231 CRON[17069]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:32:01 ns3009231 CRON[17739]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:32:01 ns3009231 CRON[17740]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:33:01 ns3009231 CRON[18409]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:33:01 ns3009231 CRON[18410]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:34:01 ns3009231 CRON[19082]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Dec 31 11:34:01 ns3009231 CRON[19083]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    
     
  19. Christophe69

    Christophe69 Member HowtoForge Supporter

    Oh my god... This is running now.... :). I was very scared ..
    Thank you for the speed of your responses Till ... Very sincerely!

    Do you think i can try to add the LE certificate to my site now?
     
  20. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, please try to enable Let's encrypt for your website again now.
     

Share This Page