Letsencrypt not working for few sites checkbox automatically diabled

Discussion in 'General' started by RUPAN KS, Jun 1, 2018.


    RUPAN KS New Member

    Find the log details below

    2018-06-01 03:00:02,742:DEBUG:certbot.main:certbot version: 0.23.0
    2018-06-01 03:00:02,742:DEBUG:certbot.main:Arguments: ['-n', '--post-hook', "echo '1' > /usr/local/ispconfig/server/le.restart"]
    2018-06-01 03:00:02,742:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2018-06-01 03:00:02,760:DEBUG:certbot.log:Root logging level set at 20
    2018-06-01 03:00:02,760:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2018-06-01 03:00:02,768:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x3059050> and installer <certbot.cli._Default object at 0x3059050>
    2018-06-01 03:00:02,773:INFO:certbot.renewal:Cert not yet due for renewal
    2018-06-01 03:00:02,777:INFO:certbot.renewal:Cert not yet due for renewal
    2018-06-01 03:00:02,781:INFO:certbot.renewal:Cert not yet due for renewal
    2018-06-01 03:00:02,785:INFO:certbot.renewal:Cert not yet due for renewal
    2018-06-01 03:00:02,789:INFO:certbot.renewal:Cert not yet due for renewal
    2018-06-01 03:00:02,792:INFO:certbot.renewal:Cert not yet due for renewal
    2018-06-01 03:00:02,796:INFO:certbot.renewal:Cert not yet due for renewal
    2018-06-01 03:00:02,796:DEBUG:certbot.renewal:no renewal failures
  2. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

  3. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Basically the reports says there is no renewal error for your LE renewal but you can always check the debug log in /var/log/letsencrypt/letsencrypt.log for other errors.

    The LE checkbox that is not enabled might be due to the facts that you requested LE SSL certs too many times for that sites thus become over the allowed limit and no longer allowed; or the current certs were not originally issued via ISPConfig control panel.

    If it is caused by the first, you'll need to wait a week or so before requesting further.

    For the later, you can remove all the failed sites LE live and archive folders and its renewal file (e.g. with the command below if you are using debian or any of its derivatives) and request new certs again via ISPConfig control panel:
    rm -rf /etc/letsencrypt/*/thefaileddomain.tld*

Share This Page