Integrate Let's Encrypt SSL certificates into ISPConfig

Discussion in 'Feature Requests' started by gkovacs, Sep 14, 2015.

  1. till

    till Super Moderator Staff Member ISPConfig Developer

    I guess that site b and c have not ssl enabled, check their vhost files. You might have troed to enable le there and LE failed to create the cert so that ssl was disabled again due to the missing ssl cert. What you describe is the default behaviour of the nginx webserver in such a case and not related to the use of letsencrypt or ispconfig. Whenno vhost exists on a givem port (443 in this case), then nginx will show the content of the first website that it finds on the same port in alphabetical order.
     
  2. theoldgit

    theoldgit New Member

    Hi till, thanks for prompt response.

    Checked ssl directory in /var/www/<website>/ssl and only have information in A.com for A.com. B.com/ssl and C.com/ssl are both empty.

    I tried disabling SSL for A.com and generating LE for B.com, but still nothing gets written to B.com/ssl and https still works for A.com.

    Could you suggest a workaround? (Hide SSL for A.com and generate SSL for B.com). Or is this how it must be?

    (@ ahrasis - Don't want to share the Certificate, but seems to be what I am getting)
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    The SSL from a, b and c are not related to each other. So that b and c failed is not related to the fact if a exists or has SSL. To see why B and C fail, take a look at the letsencrypt log file, the most likely reason for failing LE certs are problems with dns (e.g. a subdomain of the website does not exist in dns or points to a different server) or you rewrite requests in that site in a way that LE is not able to reach it's verification token. But please make a new thread for that as it's not related to this old feature request you posted to.
     
    ahrasis likes this.
  4. theoldgit

    theoldgit New Member

    Thanks till,

    Will do after further investigation.
     

Share This Page