Let’s Encrypt Error FAQ

Discussion in 'General' started by till, Oct 5, 2016.

Thread Status:
Not open for further replies.
  1. till

    till Super Moderator Staff Member ISPConfig Developer

    There are many threads that deal with problems to generate SSL certificates with Let’s Encrypt so I start a FAQ here.

    Why does Letsencrypt does not create an SSL cert

    Let’s Encrypt verifies your server by downloading an individual token from each domain of the website, including auto-subdomains, subdomains, and aliasdomains. If one of these domains and subdomains is unreachable (no DNS, wrong DNS etc) then letsencrypt will refuse to create the SSL cert.

    Why does the Let’s Encrypt in ISPConfig get disabled automatically?

    When the creation of the SSL certificate trough Let’s Encrypt fails, then the Let’s Encrypt gets disabled in ISPConfig.

    What can I do if SSL certificate creation with Let’s Encrypt fails?

    - Check that you have Let’s Encrypt installed.
    - Check that all domain names (icl auto subdomain www etc), subdomains and aliasdomains really point to the right website and are working. Open one after another in your browser and test that.
    - If you still use Apache 2.2, then update your ispconfig to git-stable branch with the ispconfig_update.sh script to get an updated vhost template. After you did that, use Tools > resync to apply the new template to all sites or apply it to a single site by altering a value in the site settings and press save, before you try to activate Let’s Encrypt again. This is only necessary on apache 2.2 systems, newer apache 2.4 or nginx systems are not affected.
    - If you updated to ISPConfig 3.1 and deselected the "reconfigure services" option during update (which is selected by default), then Let’s Encrypt will fail as your server is missing the Let’s Encrypt configuration in the ispconfig apache configuration files. Redo the update and chose to reconfigure services in that case.

    Where do I find detailed error messages?

    You can find the log files here: /var/log/letsencrypt
    rob_morin likes this.
Thread Status:
Not open for further replies.

Share This Page