Let's encrypt certificate suddenly is for a wrong website

Discussion in 'Server Operation' started by Dennis_sp, Jun 28, 2018.

  1. Dennis_sp

    Dennis_sp New Member

    Last night i made an alias domain called opendial.nl that points to my already operational website telforce.nl
    Today someone pointed out i had an certificate error and when checking the site now it says my certificate is for xxxx.nl, another site i have setup in ISPconfig3. Why is it using the wrong cert? Could this be caused by me setting up the aliasdomain? It was working fine before...
     
    Last edited: Jul 16, 2018
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Possible reasons are:

    1) You mixed * and the IP in the ipv4 address field of the sites on your server. Either use * or the IPv4 address for all sites.
    2) One of the affected sites has no SSL enabled.
     
    webcooker likes this.
  3. Dennis_sp

    Dennis_sp New Member

    There was one new site i had added that did not have SSL enabled, i enabled it and ran the cronjob again:

    However my ssh session crashed while it ran so i ran it again:

    /usr/local/ispconfig/server/server.sh
    28.06.2018-17:46 - WARNING - There is already a lockfile set, but no process running with this pid (23220). Continuing.
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for xxxx.nl
    http-01 challenge for xxxx.nl
    Using the webroot path /usr/local/ispconfig/interface/acme for all unmatched domains.
    Waiting for verification...
    Cleaning up challenges
    Unable to clean up challenge directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge​


    telforce.nl still redirects to yyyyy.nl, i don't get it.
     
    Last edited: Jul 16, 2018
  4. Dennis_sp

    Dennis_sp New Member

    Nevermind it's working again. I forgot to enable SSL for telforce.nl again. So if i want to add a site that does not use SSL how do i add it without disrupting one of the other sites?
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    The ending "." in DNS record hostnames is the top level domain, it shows the name is FQDN already and does not need a domain name appended ($ORIGIN setting).
    Where are you writing that dot? I have not touched htaccess for LE certificates, they just work if the OS and ISPConfig are set up properly.
    On the website settings, are all websites set to IP-address OR all set to *? Do not mix the two, like @till wrote in #2.
     
  6. Dennis_sp

    Dennis_sp New Member

    Hi Taleman. They are all set to *. Which dot and where do you see this?
     
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    It was @webcooker. He or she posted a message which I answered. Later the message by webcooker was removed, so my message is now out of context.
     
  8. webcooker

    webcooker New Member

    @Teleman thanks for the answerd i stay to my original post thats i remove it sorry for the confuzed :)
    first time to asking for help in forums sorry
     

Share This Page