Let's encrypt certificate suddenly is for a wrong website

Discussion in 'Server Operation' started by Dennis_sp, Jun 28, 2018.

  1. Dennis_sp

    Dennis_sp New Member

    Last night i made an alias domain called opendial.nl that points to my already operational website telforce.nl
    Today someone pointed out i had an certificate error and when checking the site now it says my certificate is for xxxx.nl, another site i have setup in ISPconfig3. Why is it using the wrong cert? Could this be caused by me setting up the aliasdomain? It was working fine before...
     
    Last edited: Jul 16, 2018 at 8:48 AM
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Possible reasons are:

    1) You mixed * and the IP in the ipv4 address field of the sites on your server. Either use * or the IPv4 address for all sites.
    2) One of the affected sites has no SSL enabled.
     
    webcooker likes this.
  3. Dennis_sp

    Dennis_sp New Member

    There was one new site i had added that did not have SSL enabled, i enabled it and ran the cronjob again:

    However my ssh session crashed while it ran so i ran it again:

    /usr/local/ispconfig/server/server.sh
    28.06.2018-17:46 - WARNING - There is already a lockfile set, but no process running with this pid (23220). Continuing.
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for xxxx.nl
    http-01 challenge for xxxx.nl
    Using the webroot path /usr/local/ispconfig/interface/acme for all unmatched domains.
    Waiting for verification...
    Cleaning up challenges
    Unable to clean up challenge directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge​


    telforce.nl still redirects to yyyyy.nl, i don't get it.
     
    Last edited: Jul 16, 2018 at 8:49 AM
  4. Dennis_sp

    Dennis_sp New Member

    Nevermind it's working again. I forgot to enable SSL for telforce.nl again. So if i want to add a site that does not use SSL how do i add it without disrupting one of the other sites?
     
  5. Taleman

    Taleman Active Member HowtoForge Supporter

    The ending "." in DNS record hostnames is the top level domain, it shows the name is FQDN already and does not need a domain name appended ($ORIGIN setting).
    Where are you writing that dot? I have not touched htaccess for LE certificates, they just work if the OS and ISPConfig are set up properly.
    On the website settings, are all websites set to IP-address OR all set to *? Do not mix the two, like @till wrote in #2.
     
  6. Dennis_sp

    Dennis_sp New Member

    Hi Taleman. They are all set to *. Which dot and where do you see this?
     
  7. Taleman

    Taleman Active Member HowtoForge Supporter

    It was @webcooker. He or she posted a message which I answered. Later the message by webcooker was removed, so my message is now out of context.
     
  8. webcooker

    webcooker New Member

    @Teleman thanks for the answerd i stay to my original post thats i remove it sorry for the confuzed :)
    first time to asking for help in forums sorry
     

Share This Page