Help about Let's Encrypt certificates

Discussion in 'ISPConfig 3 Priority Support' started by Christophe69, Dec 30, 2019.

  1. Christophe69

    Christophe69 Member HowtoForge Supporter

    Oups, i got an big red area on top of my "Sites > Web Domain > monsite.fr > Domain" in the interface.
    Code:
    CONFIGURATION ERROR
    31-12-2019 11:27 :
    Job for apache2.service failed because the control process exited with error code.
    See "systemctl status apache2.service" and "journalctl -xe" for details.

    systemctl status apache2.service
    Code:
    apache2.service - The Apache HTTP Server
       Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
       Active: active (running) since Tue 2019-12-31 11:37:27 CET; 6min ago
      Process: 14688 ExecStop=/usr/sbin/apachectl stop (code=exited, status=1/FAILURE)
      Process: 27486 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
      Process: 22016 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
       CGroup: /system.slice/apache2.service
               ├─22061 /usr/sbin/apache2 -k start
               ├─22062 vlogger (access log)
               ├─22063 vlogger (access log)
               ├─22064 /usr/sbin/apache2 -k start
               ├─22065 Passenger watchdog
               ├─22068 Passenger core
               ├─22077 Passenger ust-router
               ├─22108 /usr/sbin/apache2 -k start
               ├─22111 /usr/sbin/apache2 -k start
               ├─22112 /usr/bin/php-cgi -d disable_classes= -d disable_functions= -d magic_quotes_gpc=off -d open_basedir= -d session.save_path=/usr/local/ispconfig/interface/temp
               ├─22113 /usr/bin/php-cgi -d disable_classes= -d disable_functions= -d magic_quotes_gpc=off -d open_basedir= -d session.save_path=/usr/local/ispconfig/interface/temp
               ├─22119 /usr/bin/php-cgi -d disable_classes= -d disable_functions= -d magic_quotes_gpc=off -d open_basedir= -d session.save_path=/usr/local/ispconfig/interface/temp
               ├─22120 /usr/bin/php-cgi -d disable_classes= -d disable_functions= -d magic_quotes_gpc=off -d open_basedir= -d session.save_path=/usr/local/ispconfig/interface/temp
               ├─22128 /usr/sbin/apache2 -k start
               ├─25314 /usr/sbin/apache2 -k start
               ├─25316 /usr/sbin/apache2 -k start
               ├─25318 /usr/sbin/apache2 -k start
               ├─25998 /usr/sbin/apache2 -k start
               ├─26674 /usr/sbin/apache2 -k start
               ├─26675 /usr/sbin/apache2 -k start
               ├─26676 /usr/sbin/apache2 -k start
               ├─26677 /usr/sbin/apache2 -k start
               ├─27353 /usr/sbin/apache2 -k start
               ├─27354 /usr/sbin/apache2 -k start
               └─27355 /usr/sbin/apache2 -k start
    
    déc. 31 11:37:27 ns3009231 systemd[1]: Starting The Apache HTTP Server...
    déc. 31 11:37:27 ns3009231 apachectl[22016]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:69
    déc. 31 11:37:27 ns3009231 apachectl[22016]: [Tue Dec 31 11:37:27.328217 2019] [alias:warn] [pid 22019] AH00671: The Alias directive in /etc/apache2/sites-enabled/ispconfig.conf at line 64 will pro
    déc. 31 11:37:27 ns3009231 systemd[1]: Started The Apache HTTP Server.
    
     
  2. Christophe69

    Christophe69 Member HowtoForge Supporter

    journalctl -xe
    Code:
    déc. 31 11:40:01 ns3009231 CRON[23699]: (smmsp) CMD (test -x /etc/init.d/sendmail && test -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail && /usr/share/sendmail/sendmail cron-ms
    déc. 31 11:40:01 ns3009231 CRON[23700]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:40:01 ns3009231 CRON[23701]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
    déc. 31 11:40:01 ns3009231 CRON[23695]: pam_unix(cron:session): session closed for user getmail
    déc. 31 11:40:01 ns3009231 CRON[23694]: pam_unix(cron:session): session closed for user smmsp
    déc. 31 11:40:01 ns3009231 CRON[23697]: pam_unix(cron:session): session closed for user root
    déc. 31 11:40:01 ns3009231 pure-ftpd[24230]: ([email protected]::1) [INFO] New connection from ::1
    déc. 31 11:40:01 ns3009231 pure-ftpd[24230]: ([email protected]::1) [INFO] Logout.
    déc. 31 11:40:02 ns3009231 CRON[23696]: pam_unix(cron:session): session closed for user root
    déc. 31 11:40:52 ns3009231 dovecot[11917]: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=91.170.143.200, lip=151.80.21.61, session=<EI4VmP2a9nZbqo/I>
    déc. 31 11:40:52 ns3009231 dovecot[11917]: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=91.170.143.200, lip=151.80.21.61, session=<JmoXmP2a93Zbqo/I>
    déc. 31 11:40:54 ns3009231 dovecot[11917]: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=91.170.143.200, lip=151.80.21.61, session
    déc. 31 11:41:01 ns3009231 CRON[24638]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:41:01 ns3009231 CRON[24639]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:41:01 ns3009231 CRON[24640]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:41:01 ns3009231 CRON[24641]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
    déc. 31 11:41:01 ns3009231 CRON[24642]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:41:01 ns3009231 CRON[24643]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:41:01 ns3009231 CRON[24638]: pam_unix(cron:session): session closed for user root
    déc. 31 11:41:01 ns3009231 CRON[24640]: pam_unix(cron:session): session closed for user root
    déc. 31 11:41:01 ns3009231 CRON[24639]: pam_unix(cron:session): session closed for user root
    déc. 31 11:42:01 ns3009231 CRON[25326]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:42:01 ns3009231 CRON[25327]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:42:01 ns3009231 CRON[25328]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:42:01 ns3009231 CRON[25329]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:42:02 ns3009231 CRON[25327]: pam_unix(cron:session): session closed for user root
    déc. 31 11:42:02 ns3009231 CRON[25326]: pam_unix(cron:session): session closed for user root
    déc. 31 11:43:01 ns3009231 CRON[26005]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:43:01 ns3009231 CRON[26006]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:43:01 ns3009231 CRON[26007]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:43:01 ns3009231 CRON[26008]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:43:01 ns3009231 CRON[26006]: pam_unix(cron:session): session closed for user root
    déc. 31 11:43:02 ns3009231 CRON[26005]: pam_unix(cron:session): session closed for user root
    déc. 31 11:44:01 ns3009231 CRON[26686]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:44:01 ns3009231 CRON[26687]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:44:01 ns3009231 CRON[26688]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:44:01 ns3009231 CRON[26689]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:44:01 ns3009231 CRON[26687]: pam_unix(cron:session): session closed for user root
    déc. 31 11:44:01 ns3009231 CRON[26686]: pam_unix(cron:session): session closed for user root
    déc. 31 11:45:01 ns3009231 CRON[27374]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:45:01 ns3009231 CRON[27375]: pam_unix(cron:session): session opened for user getmail by (uid=0)
    déc. 31 11:45:01 ns3009231 CRON[27376]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:45:01 ns3009231 CRON[27377]: pam_unix(cron:session): session opened for user root by (uid=0)
    déc. 31 11:45:01 ns3009231 CRON[27378]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
    déc. 31 11:45:01 ns3009231 CRON[27379]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:45:01 ns3009231 CRON[27381]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    déc. 31 11:45:01 ns3009231 CRON[27380]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
    déc. 31 11:45:01 ns3009231 CRON[27374]: pam_unix(cron:session): session closed for user root
    déc. 31 11:45:01 ns3009231 CRON[27375]: pam_unix(cron:session): session closed for user getmail
    déc. 31 11:45:01 ns3009231 CRON[27377]: pam_unix(cron:session): session closed for user root
    déc. 31 11:45:02 ns3009231 pure-ftpd[27888]: ([email protected]::1) [INFO] New connection from ::1
    déc. 31 11:45:02 ns3009231 pure-ftpd[27888]: ([email protected]::1) [INFO] Logout.
    déc. 31 11:45:02 ns3009231 CRON[27376]: pam_unix(cron:session): session closed for user root
    
    I try to re-enable SSL for this site.
     
  3. Christophe69

    Christophe69 Member HowtoForge Supporter

    I try to enable SSL in debug bug.

    Code:
    31.12.2019-11:49 - DEBUG - Unable to register function 'spamfilter_wblist_insert' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_insert'
    31.12.2019-11:49 - DEBUG - Unable to register function 'spamfilter_wblist_update' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_update'
    31.12.2019-11:49 - DEBUG - Unable to register function 'spamfilter_wblist_delete' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_delete'
    31.12.2019-11:49 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_insert'
    31.12.2019-11:49 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_update'
    31.12.2019-11:49 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_delete'
    31.12.2019-11:49 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    31.12.2019-11:49 - DEBUG - Found 1 changes, starting update process.
    31.12.2019-11:49 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    31.12.2019-11:49 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    31.12.2019-11:49 - DEBUG - Create Let's Encrypt SSL Cert for: monsite.fr
    31.12.2019-11:49 - DEBUG - Let's Encrypt SSL Cert domains: monsite.fr --domains www.monsite.fr
    31.12.2019-11:49 - WARNING - Let's Encrypt SSL Cert for: monsite.fr could not be issued.
    31.12.2019-11:49 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/monsite.fr.vhost
    31.12.2019-11:49 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web8.conf
    31.12.2019-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
    31.12.2019-11:49 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service
    31.12.2019-11:49 - DEBUG - Apache status is: running
    31.12.2019-11:49 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    31.12.2019-11:49 - DEBUG - Restarting httpd: systemctl restart apache2.service
    31.12.2019-11:49 - DEBUG - Apache restart return value is: 0
    31.12.2019-11:49 - DEBUG - Apache online status after restart is: running
    31.12.2019-11:49 - DEBUG - Processed datalog_id 329
    31.12.2019-11:49 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    But you tried to enable the let's encrypt checkbox too, right?
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Ok, please try to remove the SSL cert for monsite.fr too by using the certbot delete command and then try again to enable Let's encrypt and SSL for the site. If it fails, check the let's encrypt log file to see what's logged there as error.
     
  6. Christophe69

    Christophe69 Member HowtoForge Supporter

    Yes for sure.

    Done. Still not working...

    Same error displayed on "/usr/local/ispconfig/server/server.sh"

    /var/log/letsencrypt/letsencrypt.log
    Code:
    2019-12-31 11:55:31,942:DEBUG:certbot._internal.main:certbot version: 1.0.0
    2019-12-31 11:55:31,943:DEBUG:certbot._internal.main:Arguments: []
    2019-12-31 11:55:31,943:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2019-12-31 11:55:31,955:DEBUG:certbot._internal.log:Root logging level set at 20
    2019-12-31 11:55:31,955:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2019-12-31 11:55:40,624:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/renewal/monsite.fr-0001.conf
    2019-12-31 11:55:40,625:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/monsite.fr-0001/cert.pem
    2019-12-31 11:55:40,625:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/monsite.fr-0001/privkey.pem
    2019-12-31 11:55:40,625:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/monsite.fr-0001/chain.pem
    2019-12-31 11:55:40,626:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/monsite.fr-0001/fullchain.pem
    2019-12-31 11:55:40,626:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/monsite.fr-0001/README
    2019-12-31 11:55:40,626:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/monsite.fr-0001
    2019-12-31 11:55:40,627:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/archive/monsite.fr-0001
    2019-12-31 11:55:51,260:DEBUG:certbot._internal.main:certbot version: 1.0.0
    2019-12-31 11:55:51,261:DEBUG:certbot._internal.main:Arguments: []
    2019-12-31 11:55:51,261:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2019-12-31 11:55:51,274:DEBUG:certbot._internal.log:Root logging level set at 20
    2019-12-31 11:55:51,274:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2019-12-31 11:55:57,641:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/renewal/monsite.fr.conf
    2019-12-31 11:55:57,642:DEBUG:certbot._internal.storage:Unable to delete /etc/letsencrypt/live/monsite.fr/cert.pem
    2019-12-31 11:55:57,642:DEBUG:certbot._internal.storage:Unable to delete /etc/letsencrypt/live/monsite.fr/privkey.pem
    2019-12-31 11:55:57,642:DEBUG:certbot._internal.storage:Unable to delete /etc/letsencrypt/live/monsite.fr/chain.pem
    2019-12-31 11:55:57,642:DEBUG:certbot._internal.storage:Unable to delete /etc/letsencrypt/live/monsite.fr/fullchain.pem
    2019-12-31 11:55:57,642:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/live/monsite.fr/README
    2019-12-31 11:55:57,643:DEBUG:certbot._internal.storage:Unable to remove /etc/letsencrypt/live/monsite.fr; may not be empty.
    2019-12-31 11:55:57,643:DEBUG:certbot._internal.storage:Removed /etc/letsencrypt/archive/monsite.fr
    
    I have got a serious problem no??
    Till, maybe i need "business support"? Maybe this can be more easy to have remote control on my server? I have contacted the "business support" to know if they can resolve my problems, but have not received any response from them since yesterday morning.

    I understand this is difficult to have a speed response from them at this date of the year. Maybe you have an idea? Are you a part of the business support, Till?

    In any case, thank you for the time you spend trying to resolve my problem.
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    I'm not providing the business support for ISPConfig anymore but I can have a look at your system tomorrow when Florian does not respond until tomorrow. I'll send you a PM. For today, I will go offline now due to new year :) I'm sorry that we could not fix it here in the forum, something is really messed up in your certbot installation and I don't have a real idea yet what it is. That Florian from Business support team did not respond yet is caused by Xmas / new year, as both were in the middle of the week, most companies here in Germany closed or do just emergency support from Christmas until Jan 06 this year.
     
  8. Christophe69

    Christophe69 Member HowtoForge Supporter

    Thank you for your response.
    Don't be sorry that we could not fix the problem today, you did what you could with great kindness.
    I totally understand that most companies are closed at this period of the year, it is the same here in France. And i understand that you have other things to do for New Year's Eve. :)
    It's really very nice of you to help me.

    Have a great evening for the transition to the new year, Till. :)
    And do not abuse of Champagne :D.
     
    till likes this.
  9. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Could you please try removing the certbot data directory:
    rm -r /opt/eff.org
    and then install certbot again with certbot-auto --install-only like you did when Till told you to?
     
  10. Christophe69

    Christophe69 Member HowtoForge Supporter

    Hi Croydon. :)
    I have done what you say.
    Do I try to enable LE for my site in debug mode now?
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    yes
     
  12. Christophe69

    Christophe69 Member HowtoForge Supporter

    Hahaha this really doesn't want to install a certificate...
    Code:
    31.12.2019-14:29 - DEBUG - Unable to register function 'spamfilter_wblist_insert' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_insert'
    31.12.2019-14:29 - DEBUG - Unable to register function 'spamfilter_wblist_update' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_update'
    31.12.2019-14:29 - DEBUG - Unable to register function 'spamfilter_wblist_delete' from plugin 'rspamd_plugin' for event 'spamfilter_wblist_delete'
    31.12.2019-14:29 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_insert'
    31.12.2019-14:29 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_update'
    31.12.2019-14:29 - DEBUG - Unable to register function 'user_settings_update' from plugin 'rspamd_plugin' for event 'spamfilter_users_delete'
    31.12.2019-14:29 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    31.12.2019-14:29 - DEBUG - Found 1 changes, starting update process.
    31.12.2019-14:29 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    31.12.2019-14:29 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    31.12.2019-14:29 - DEBUG - Create Let's Encrypt SSL Cert for: monsite.fr
    31.12.2019-14:29 - DEBUG - Let's Encrypt SSL Cert domains: monsite.fr --domains www.monsite.fr
    31.12.2019-14:29 - WARNING - Let's Encrypt SSL Cert for: monsite.fr could not be issued.
    31.12.2019-14:29 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/monsite.fr.vhost
    31.12.2019-14:29 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web8.conf
    31.12.2019-14:29 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
    31.12.2019-14:29 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service
    31.12.2019-14:29 - DEBUG - Apache status is: running
    31.12.2019-14:29 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    31.12.2019-14:29 - DEBUG - Restarting httpd: systemctl restart apache2.service
    31.12.2019-14:29 - DEBUG - Apache restart return value is: 0
    31.12.2019-14:29 - DEBUG - Apache online status after restart is: running
    31.12.2019-14:29 - DEBUG - Processed datalog_id 331
    31.12.2019-14:29 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.
     
  13. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Wait a sec. Do you have acme.sh installed, too? Using both can make conflicts. Try renaming /root/.acme.sh to /root/.acme.sh.backup and then try again.

    Stop. First try just typing: /root/.acme.sh/acme.sh --upgrade
    then try issuing again
     
  14. Christophe69

    Christophe69 Member HowtoForge Supporter

    Thank for you help Croydon.

    There is no ".acme.sh" in my "/root" directory.
    Code:
    ls -la /root/
    total 68
    drwx------  6 root root 4096 déc.  31 02:02 .
    drwxr-xr-x 22 root root 4096 déc.  29 19:38 ..
    -rw-------  1 root root 7386 déc.  31 02:02 .bash_history
    -rw-r--r--  1 root root  570 janv. 31  2010 .bashrc
    drwxr-xr-x  3 root root 4096 déc.  17 10:18 .cpanm
    -rw-r--r--  1 root root   28 déc.  17 09:09 .email
    drwx------  3 root root 4096 déc.  17 11:07 .gnupg
    -rw-r--r--  1 root root    8 déc.  17 09:09 .mdg
    drwxr-xr-x  2 root root 4096 déc.  17 11:26 .nano
    -rw-r--r--  1 root root  440 déc.  17 09:05 .ovhrc
    -rw-r--r--  1 root root   13 déc.  17 09:09 .pdb
    -rw-r--r--  1 root root  148 août  17  2015 .profile
    -rw-------  1 root root 1024 déc.  17 09:12 .rnd
    -rw-r--r--  1 root root   66 déc.  17 13:23 .selected_editor
    drwx------  2 root root 4096 déc.  17 09:13 .ssh
    -rw-r--r--  1 root root  420 déc.  30 19:21 .wget-hsts
    
    Code:
    [email protected]:~# mv /root/acme.sh /root/acme.sh.backup
    mv: impossible d'évaluer '/root/acme.sh': Aucun fichier ou dossier de ce type
    
    Translation: No file or directory.

    Code:
    [email protected]:~# find / -iname 'acme.sh'
    [email protected]:~# 
    Return nothing.

    Is there any other solution to check if ACME is installed?
     
  15. Christophe69

    Christophe69 Member HowtoForge Supporter

    I must quit for today.
    Thank to Till and Croydon for your help.
    Have a great evening for the transition to the new year.
    See you next year :).
     
  16. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    which /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh
     
  17. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    I assume that you tried to enable a LE cert before you had a (valid) certbot installed. This leads to ISPConfig trying to install acme.sh itself. Maybe this was already long ago so in the meantime that version is outdated and has to be upgraded.
    If I am right and /usr/local/ispconfig/server/scripts/acme.sh exists, check if it is a symlink or something like that.
     
  18. Christophe69

    Christophe69 Member HowtoForge Supporter

    Hi Croydon, and Happy New Year :).

    I don't have "acme.sh" in "/usr/local/ispconfig/server/scripts/"
    Code:
    /usr/local/ispconfig/server/scripts# ls -la
    total 84
    drwxr-s---  2 root root  4096 déc.  29 16:36 .
    drwxr-s--- 13 root root  4096 déc.  29 16:50 ..
    -rwxr-x--x  1 root root   305 déc.  29 16:36 create_daily_nginx_access_logs.sh
    -rwxr-x--x  1 root root  1095 déc.  29 16:36 create_jailkit_chroot.sh
    -rwxr-x--x  1 root root   388 déc.  29 16:36 create_jailkit_programs.sh
    -rwxr-x--x  1 root root   859 déc.  29 16:36 create_jailkit_user.sh
    -rwxr-x---  1 root root  3101 déc.  29 16:36 ispconfig_htaccess.php
    -rwxr-x---  1 root root  4724 déc.  29 16:36 ispconfig_patch
    -rwxr-x---  1 root root  3929 déc.  29 16:36 ispconfig_update.php
    -rwx------  1 root root   160 déc.  29 16:36 ispconfig_update.sh
    -rwx------  1 root root   559 déc.  29 16:36 update_from_dev.sh
    -rwxr-x--x  1 root root   563 déc.  29 16:36 update_from_dev_stable.sh
    -rwxr-x--x  1 root root    68 déc.  29 16:36 update_from_svn.sh
    -rwx------  1 root root   580 déc.  29 16:36 update_from_tgz.sh
    -rwxr-x--x  1 root root  1471 déc.  18 03:48 update_stable.sh
    -rwxr-x---  1 root root 17025 déc.  29 16:36 vlogger
    
    As I said in my initial post, I installed a preconfigured Debian 9 Stretch ISPConfig system and the creation of certificates for my sites worked perfectly before I tried to install a certificate for administration by following the tutorial "Securing ISPConfig 3.1 With a Free Let's Encrypt SSL Certificate" .

    I use the script LE4ISP and Apache has failed to restart.
    With the help of a friend, we managed to restart Apache using the "update" script.

    Apache has restarted but there remains this problem of SSL certificates which no longer work.
    Some sites still have a certificate generated BEFORE the problem occurs, but i cannot create new certificates, and my administration interface still doesn't have a LE certificate.

    It seems that this problem is quite complicated to solve. In any case, it is too much complicated for me ... And I think it is easier for a professional to solve this problem directly by having access to my server.

    I received a response from Florian Schaal. :)

    I hope he will be able to do something to help me.

    In any case, I would like to thank you for your help, and I will keep you informed of developments.
     
    till likes this.
  19. Christophe69

    Christophe69 Member HowtoForge Supporter

    Hi all,
    My problem has been solved by Florian.

    Here is his response:
    Looks like the problem was relatively simple, but it was still too complicated for me.

    In any case, I was too afraid of making a bad manipulation and that the server does not restart. I was more serene to entrust this task to a professional.

    Now I understand my mistake a little better. I shouldn't have used "autodomain www" nor the tutorial https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate.

    And, perhaps I have done something wrong when trying to restart the server. Perhaps we have modified an important configuration of ISPConfig with my friend using an incorrect method...

    However, I don’t really understand why my terminal told me that my version of ISPConfig was 3.1.15p2.

    If we read the information in my second post (#2), we can see a difference between the “Informations” and “Report”.

    Informations :
    Code:
    ISPConfig version : ISPConfig-Version: 3.1.15p2
    Report :
    Code:
    ISPConfig version is 3.1
    The “Informations” were copied from my shell, these are informations given on the “loading screen” just after logging to the server by ssh.
    This is certainly related to the problem.

    Maybe that has misled you in the forum. I don’t know.

    In any case, I am very happy that now everything is working perfectly.

    I wanted to thank you one last time for your help, especially Till.
     
    till likes this.
  20. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    ispconfig does not show any version on the shell. i think, your problem is related to the installer from ovh.
     
    Christophe69 and till like this.

Share This Page