Let's Encrypt SSL certificates into ISPConfig error 3.1

Discussion in 'Installation/Configuration' started by Oitsuki, Jan 20, 2017.

  1. Oitsuki

    Oitsuki New Member

    hello,

    During long time I haven't pb with let's encrypt. Bur now it's impossible to read my website error ssl of firefox.
    I make that :
    Panel ispconfig 3.1
    - remove ssl et let encrypt
    - remove certifcate (delete)

    mywebsite/ssl
    remove all files

    Reinstall let's and ssl
    Panel ispconfig
    - SSL and lt's encrypt on
    - create certificate
    I saw my certificate

    mywebsite/ssl I have this
    demo1.****.org.crt
    demo1.****.org.csr
    demo1.****.org.csr.err
    demo1.****.org.key
    demo1.****.org.key.org
    demo1.****.org-le.bundle.err
    demo1.****.org-le.crt
    demo1.****.org-le.crt.err
    demo1.****.org-le.key
    demo1.****.org-le.key.err
    demo1.****.org-le.bundle
    Conclusion : impossible to display a good certificate with https .... error firefox
    How to resolve that. I tryied some way to resolve this problem.

    Tk
     
  2. Oitsuki

    Oitsuki New Member

    When I tried with this site ; https://www.sslshopper.com/certificate-key-matcher.html
    the result

    openssl x509 -in certificate.crt -text -noout
    Error opening Certificate certificate.crt
    135466022930064:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('certificate.crt','r')
    135466022930064:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
    unable to load certificate

    openssl x509 -in certificate.crt -text -noout
    Error opening Certificate certificate.crt
    113444575430288:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('certificate.crt','r')
    113444575430288:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
    unable to load certificate

    openssl x509 -noout -modulus -in certificate.crt | openssl md5
    Error opening Certificate certificate.crt
    116287945483920:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('certificate.crt','r')
    116287945483920:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
    unable to load certificate
    (stdin)= d41d8cd98f00b204e9800998ecf8427e

    openssl rsa -noout -modulus -in privateKey.key | openssl md5
    Error opening Private Key privateKey.key
    118768046360208:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('privateKey.key','r')
    118768046360208:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
    unable to load Private Key
    (stdin)= d41d8cd98f00b204e9800998ecf8427e

    openssl req -noout -modulus -in CSR.csr | openssl md5
    CSR.csr: No such file or directory
    124126015604368:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('CSR.csr','r')
    124126015604368:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
    (stdin)= d41d8cd98f00b204e9800998ecf8427e
     
  3. Oitsuki

    Oitsuki New Member

    edit log :

    E325: ATTENTION
    Trouvé un fichier d'échange nommé ".letsencrypt.log.swp"
    propriété de : root daté : Thu Jan 19 20:15:06 2017
    nom de fichier : /var/log/letsencrypt/letsencrypt.log
    modifié : OUI
    nom d'utilisateur : root nom d'hôte : ns304677.ip-94-23-214.eu
    processus n° : 9785
    Lors de l'ouverture du fichier "letsencrypt.log"
    daté : Sat Jan 21 15:59:02 2017
    PLUS RÉCENT que le fichier d'échange !

    (1) Un autre programme est peut-être en train d'éditer ce fichier.
    Si c'est le cas, faites attention à ne pas vous retrouver avec
    deux versions différentes du même fichier en faisant des modifications. Quittez, ou continuez prudemment.
    (2) Une session d'édition de ce fichier a planté.
    Si c'est le cas, utilisez ":recover" ou "vim -r letsencrypt.log"
    pour récupérer le fichier (voir ":help recovery").
    Si vous l'avez déjà fait, effacez le fichier d'échange ".letsencrypt.log.swp"
    pour éviter ce message.

    Le fichier d'échange ".letsencrypt.log.swp" existe déjà !


    2017-01-21 14:59:02,274:WARNING:certbot.cli:You are running with an old copy of letsencrypt-auto that does not receive updates, and is less reliable than more recent versions. We recommend upgrading to the latest certbot-auto script, or using native OS packages.
    2017-01-21 14:59:02,274:DEBUG:certbot.cli:Deprecation warning circumstances: /root/.local/share/letsencrypt/bin/letsencrypt / {'LANG': 'fr_FR.UTF-8', 'DERBY_HOME': '/usr/lib/jvm/java-8-oracle/db', 'SHELL': '/bin/sh', 'LANGUAGE': 'fr_FR:fr', 'SHLVL': '3', 'J2SDKDIR': '/usr/lib/jvm/java-8-oracle', 'J2REDIR': '/usr/lib/jvm/java-8-oracle/jre', 'PWD': '/usr/local/ispconfig/server', 'LOGNAME': 'root', 'HOME': '/root', 'PATH': '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-8-oracle/bin:/usr/lib/jvm/java-8-oracle/db/bin:/usr/lib/jvm/java-8-oracle/jre/bin', 'JAVA_HOME': '/usr/lib/jvm/java-8-oracle', '_': '/root/.local/share/letsencrypt/bin/letsencrypt'}

    2017-01-21 14:59:02,274:DEBUG:certbot.main:certbot version: 0.10.1
    2017-01-21 14:59:02,274:DEBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v01.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'demo1.clicshopping.org', '--webroot-path', '/usr/local/ispconfig/interface/acme']
    2017-01-21 14:59:02,275:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#standalone,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#webroot,PluginEntryPoint#apache,PluginEntryPoint#null)
    2017-01-21 14:59:02,275:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2017-01-21 14:59:02,278:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
    Description: Place files in webroot directory
    Interfaces: IAuthenticator, IPlugin
    Entry point: webroot = certbot.plugins.webroot:Authenticator
    Initialized: <certbot.plugins.webroot.Authenticator object at 0x6a1183e89050>
    Prep: True
    2017-01-21 14:59:02,278:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x6a1183e89050> and installer None
    2017-01-21 14:59:02,281:DEBUG:certbot.main:picked account: <Account(5f1a66aef1ba10f0df010d3fe98eafe9)>
    2017-01-21 14:59:02,282:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
    2017-01-21 14:59:02,285:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
    2017-01-21 14:59:02,678:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 352
    2017-01-21 14:59:02,679:DEBUG:acme.client:Received response:
    HTTP 200
    Server: nginx
    Content-Type: application/json
    Content-Length: 352
    Boulder-Request-Id: 4ldS-LerwRmX-KKzUgUxn5Hc2bsVt26Or5NpNuRgrVU
    Replay-Nonce: lBIPgDvaxkGMlulo1N8WF5wR7qNterkyFqyxSHFwX1Q
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    Expires: Sat, 21 Jan 2017 14:59:02 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    Date: Sat, 21 Jan 2017 14:59:02 GMT
    Connection: keep-alive

    {
    "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
    "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
    "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
    "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
    }
    2017-01-21 14:59:02,700:INFO:certbot.renewal:Cert not yet due for renewal
    2017-01-21 14:59:02,700:INFO:certbot.main:Keeping the existing certificate
     

Share This Page