Letsencrypt not working on latest ISPConfig

Discussion in 'Installation/Configuration' started by iceget, Jul 10, 2020.

  1. iceget

    iceget Member

    dear community,

    can anybody helps me?

    i got this error message on letsencrypt.log:
    Code:
    2020-07-10 07:08:02,859:DEBUG:certbot.main:Root logging level set at 20
    2020-07-10 07:08:02,860:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2020-07-10 07:08:02,861:DEBUG:certbot.main:certbot version: 0.10.2
    2020-07-10 07:08:02,861:DEBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v01.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'domain.com', '--domains', 'www.domain.com', '--webroot-path', '/usr/local/ispconfig/interface/acme']
    2020-07-10 07:08:02,861:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
    2020-07-10 07:08:02,862:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2020-07-10 07:08:02,862:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
    Description: Place files in webroot directory
    Interfaces: IAuthenticator, IPlugin
    Entry point: webroot = certbot.plugins.webroot:Authenticator
    Initialized: <certbot.plugins.webroot.Authenticator object at 0xb4369d4c>
    Prep: True
    2020-07-10 07:08:02,862:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0xb4369d4c> and installer None
    2020-07-10 07:08:02,873:DEBUG:certbot.main:Picked account: <Account(4e60557748f7a64b6f1de3xxb6c1a95)>
    2020-07-10 07:08:02,874:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
    2020-07-10 07:08:02,878:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
    2020-07-10 07:08:03,462:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
    2020-07-10 07:08:03,463:DEBUG:acme.client:Received response:
    HTTP 200
    Server: nginx
    Date: Fri, 10 Jul 2020 07:08:03 GMT
    Content-Type: application/json
    Content-Length: 658
    Connection: keep-alive
    Cache-Control: public, max-age=0, no-cache
    Replay-Nonce: 0001v51NfMmY0eXNKwbjMuvbas5pPxt5kJl7m6MDe6y9q_o
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    {
      "BVDvCvPzxWQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
      "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
      "meta": {
        "caaIdentities": [
          "letsencrypt.org"
        ],
        "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
        "website": "https://letsencrypt.org"
      },
      "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
      "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
      "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
      "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
    }
    2020-07-10 07:08:03,500:INFO:certbot.main:Obtaining a new certificate
    2020-07-10 07:08:03,500:DEBUG:root:Requesting fresh nonce
    2020-07-10 07:08:03,500:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
    2020-07-10 07:08:03,646:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
    2020-07-10 07:08:03,646:DEBUG:acme.client:Received response:
    HTTP 405
    Server: nginx
    Date: Fri, 10 Jul 2020 07:08:03 GMT
    Content-Type: application/problem+json
    Content-Length: 91
    Connection: keep-alive
    Allow: POST
    Cache-Control: public, max-age=0, no-cache
    Replay-Nonce: 0001wMIQjXJePfnubNiFEBIvhcJ2Gt0PzOjYGrb4Fvi7qnM
    
    
    2020-07-10 07:08:03,646:DEBUG:acme.client:Storing nonce: 0001wMIQjXJePfnubNiFEBIvhcJ2Gt0PzOjYGrb4Fvi7qnM
    2020-07-10 07:08:03,647:DEBUG:acme.client:JWS payload:
    {
      "identifier": {
        "type": "dns",
        "value": "domain.com"
      },
      "resource": "new-authz"
    }
    2020-07-10 07:08:03,698:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
    {
      "header": {
        "alg": "RS256",
        "jwk": {
          "e": "AQAB",
          "kty": "RSA",
          "n": "ymj4ll2_pgzECMCH0J_ckOMdhP1Pr1rp-Zio46eN8Mr1hau8vlqpGtzV7y7gLlXZCam8O6BqM5HrEk3bgXkluhk4SiuFJRXJa82B8vYpJou1OhLC8_yz58_86o-_0ItzsgL95ff2wTBf_f7hp6aqY3NtkaMDqRoedbDIa0PLRCqkGQJvhJ_ch-swbn-1FutPQ5wZ7Ldo0YJfhkzdEaw2iHxMvJOUPm8hohJqsBKJWprH1ExQzEg5385zqMoZQkMTBjDWgNR3hx6p--vavBHDF2bHbeBAaC1v5ktOJeeYXW0gKdk_iEfsYOG6zFpqdr3wAuxGqEo2BgUU-CO35_Ikun6sfiGlCLcu5XURRKvWgZL_My-RH7PHmbzLtFzxRZGTZ6ApPvBiULhRi9TexpAexpie8ZkKxzkwwI0noTM7xv5myMBgNpYcQPRXVKydIqUu7uedxrZaINnxtUMunyxE53rQXpneuMn7EV0JGzDTTbni1Jswz5ORX2ssauF_MSm9fcLjbWQY2CHKaUdqjP_t4Jgo3KKl4SopCANMQG4bPc25ysUPigSdk8a_OWFBRUvV_jgYICYxgQhB2C_qTR08hEL4BDwBg-mf_gbEFECkfKOD2_18lRdVpqpmrV0GDBWqoxPyeII7nyWdL1uk_NFQjXad3vPRAhLVWE01sMm2WZ8"
        }
      },
      "protected": "eyJub25jZSI6ICIwMDAxd01JUWpYSmVQZm51Yk5pRkVCSXZoY0oyR3QwUHpPallHcmI0RnZpN3FuTSJ9",
      "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAicmVpbmlzY2gtZ2FzdGhvZi5hdCIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9",
      "signature": "m-ZSBMXNA_9_bkTqFd8iWSn8VYCxqk0PSCzJ-LS9pmppyvIlZ6prYXUFl_62MJrVXhXZOAVq9_RoD5g3ZZUHhjenqW8onChI17WvFKD84PsH8eNnUbmS_FacKRplUihnLJXaHo_pDWKWOZ9owtb63B8ZysFAk-ERZQz4MkgGQtw0hgzCSYAo0QCF2XASbGRrz14_H_8Nfbtlj_WBUNjl0YvYT2KEByMEj4AsZKyaUxo8b94xPdkHC-NK7ec4SAUo-0z2k0ufpzCYuBx7sG2ZopHMEKIwObE7veTFoUD_7Oup31JXN4atPi_gNJ6p3IdqUs4pcctRkkKyjyYUrQK-2xJIoz3PQc9dBSEzofWSDAeMkdg9cYVAaz_1rIW2HBNPmzGeHDIiVqBJEMI2cDqqU2rFHd8MyP7gPbAubXCVIUIuElV_gpzVnMB5m6ZyplEsa1z1mIJS7pumremqTbb2GJCnfEbVJ037TMVT8pZntCa5SCUAfU102fDFIPcdGgXSkfomMN-bVN5g-5AAxVH-TY85-vgvTR4eNs4K7Wbzj0EOSFurWrTkYHn1s4c4uXLZiJbJhhh1zTnS5ASaX8tZ-KbhzEXCSZ7cbWpUqbmcvaiCWZMjv9bY6s5aqqVC1PLXXsyXo2haD5TGbkOkdX8l9Ur5m5649KZMIBPiXmJZ0fQ"
    }
    2020-07-10 07:08:04,223:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 403 230
    2020-07-10 07:08:04,224:DEBUG:acme.client:Received response:
    HTTP 403
    Server: nginx
    Date: Fri, 10 Jul 2020 07:08:04 GMT
    Content-Type: application/problem+json
    Content-Length: 230
    Connection: keep-alive
    Boulder-Requester: 36275232
    Cache-Control: public, max-age=0, no-cache
    Replay-Nonce: 0001iKtNJT65a4KqtUHMePWxmpSJMXWniwkpnBKAQiu43IA
    
    {
      "type": "urn:acme:error:unauthorized",
      "detail": "Error creating new authz :: Validations for new domains are disabled in the V1 API (https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430)",
      "status": 403
    }
    2020-07-10 07:08:04,224:DEBUG:acme.client:Storing nonce: 0001iKtNJT65a4KqtUHMePWxmpSJMXWniwkpnBKAQiu43IA
    2020-07-10 07:08:04,226:DEBUG:certbot.main:Exiting abnormally:
    Traceback (most recent call last):
      File "/usr/bin/letsencrypt", line 11, in <module>
        load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
        return config.func(config, plugins)
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 626, in obtain_cert
        action, _ = _auth_from_available(le_client, config, domains, certname, lineage)
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 107, in _auth_from_available
        lineage = le_client.obtain_and_enroll_certificate(domains, certname)
      File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 291, in obtain_and_enroll_certificate
        certr, chain, key, _ = self.obtain_certificate(domains)
      File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 262, in obtain_certificate
        self.config.allow_subset_of_names)
      File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 67, in get_authorizations
        domain, self.account.regr.new_authzr_uri)
      File "/usr/lib/python2.7/dist-packages/acme/client.py", line 216, in request_domain_challenges
        typ=messages.IDENTIFIER_FQDN, value=domain), new_authzr_uri)
      File "/usr/lib/python2.7/dist-packages/acme/client.py", line 196, in request_challenges
        new_authz)
      File "/usr/lib/python2.7/dist-packages/acme/client.py", line 671, in post
        return self._post_once(*args, **kwargs)
      File "/usr/lib/python2.7/dist-packages/acme/client.py", line 684, in _post_once
        return self._check_response(response, content_type=content_type)
      File "/usr/lib/python2.7/dist-packages/acme/client.py", line 570, in _check_response
        raise messages.Error.from_json(jobj)
    Error: urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Error creating new authz :: Validations for new domains are disabled in the V1 API (https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430)
    
    
    Maybe the problem is there?

    {
    "type": "urn:acme:error:unauthorized",
    "detail": "Error creating new authz :: Validations for new domains are disabled in the V1 API (https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430)",
    "status": 403
    }


    how i can fix this, thank you so much
     
  2. branov

    branov Member

    acme-v01 is not supported already by LE. Is this a new domain or its renew? If its a renew, open /etc/letsencrypt/renewal/yourdomain.conf and change all occurrences "acme-v01" to "acme-v02"
     
  3. iceget

    iceget Member

    Dear branov,

    thank you for your reply. no, it is a new domain. how i can handle this?

    thank you
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Might be that your certbot version is too old then. Updating certbot might help.
     
    branov likes this.
  5. iceget

    iceget Member

    Hi till,

    Thank you can you tell me how to upgrade cert bot? Because it's on live Server. Thank you so much. Many greets Markus
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    How did you install the currently installed certbot version?
     
  7. iceget

    iceget Member

    Dear Till
    i dont know, can i find it out? i dont know if i installed it via wget, or apt-get.

    thank you
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    You have to uninstall it anyway, so probably you can just try:

    apt-get remove certbot

    if it removes it, then that's fine. If it is not installed that way, then you probably don't have to remove it and can continue with:

    Code:
    cd /usr/local/bin
    wget https://dl.eff.org/certbot-auto
    chmod a+x certbot-auto
    ./certbot-auto --install-only
    and it might be a good idea to back up the whole /etc/letsencrypt folder, just to be sure.
     
    iceget likes this.
  9. iceget

    iceget Member

     
  10. iceget

    iceget Member

    Thank you so much for your help.

    all working now. Thank you till!
     
  11. BenM

    BenM Member

    Hi All,
    Just upgraded ISPconfig from Jessie to Buster, but certbot is not working for getting new certificates.
    Running
    ----------------------------------------------------------------------------
    [email protected]:/usr/local/bin# ./certbot-auto
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache

    Please choose an account
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    1: [email protected]:32:51Z (7b64)
    2: [email protected]:04:03Z (35b6)
    3: [email protected]:14:03Z (2cc5)
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Select the appropriate number [1-3] then [enter] (press 'c' to cancel): c
    -----------------------------------------------------------------------------
    Dry-run seems working but from ispconfig it wont.
    log
    2020-07-17 14:44:03,631:DEBUG:certbot._internal.main:certbot version: 1.6.0
    2020-07-17 14:44:03,632:DEBUG:certbot._internal.main:Arguments: ['--domains', 'dematons.nl', '--domains', 'www.dematons.nl']
    2020-07-17 14:44:03,632:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2020-07-17 14:44:03,656:DEBUG:certbot._internal.log:Root logging level set at 20
    2020-07-17 14:44:03,657:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log

    I am stuck, the server is running in production, so i can try a lot.
    want can be the problem?
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

  13. BenM

    BenM Member

    Hi Till,
    I already did check it. What can I do if SSL certificate creation with Let’s Encrypt fails? But no succes.

    [email protected]:~# /usr/local/ispconfig/server/server.sh
    finished.

    Did a reinstall also no luck
     
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    This means you did not enable debug mode and therefore you can not see why it fails, see link in FAQ.
     
  15. BenM

    BenM Member

    Okay,
    [email protected]:~# /usr/local/ispconfig/server/server.sh

    17.07.2020-15:12 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    17.07.2020-15:12 - DEBUG - Found 2 changes, starting update process.
    17.07.2020-15:12 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - Network configuration disabled in server settings.
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Processed datalog_id 23073
    17.07.2020-15:12 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - Network configuration disabled in server settings.
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Processed datalog_id 23074
    17.07.2020-15:12 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    17.07.2020-15:12 - DEBUG - Restarting httpd: systemctl restart apache2.service
    17.07.2020-15:12 - DEBUG - Calling function 'restartPostfix' from module 'mail_module'.
    17.07.2020-15:12 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.
     
  16. till

    till Super Moderator Staff Member ISPConfig Developer

    according to debug output, you did not enable ssl and Let's encrypt checkboxes in a website before you run debug.
     
  17. BenM

    BenM Member

    Sorry, now with a req for ssl and lets encrypt
    [email protected]:~# /usr/local/ispconfig/server/server.sh


    17.07.2020-15:12 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    17.07.2020-15:12 - DEBUG - Found 2 changes, starting update process.
    17.07.2020-15:12 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - Network configuration disabled in server settings.
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Processed datalog_id 23073
    17.07.2020-15:12 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - Network configuration disabled in server settings.
    17.07.2020-15:12 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    17.07.2020-15:12 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
    17.07.2020-15:12 - DEBUG - Processed datalog_id 23074
    17.07.2020-15:12 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    17.07.2020-15:12 - DEBUG - Restarting httpd: systemctl restart apache2.service
    17.07.2020-15:12 - DEBUG - Calling function 'restartPostfix' from module 'mail_module'.
    17.07.2020-15:12 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.
    [email protected]:~# /usr/local/ispconfig/server/server.sh


    17.07.2020-15:24 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    17.07.2020-15:24 - DEBUG - Found 1 changes, starting update process.
    17.07.2020-15:24 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    17.07.2020-15:24 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
    17.07.2020-15:24 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client526/web959' - return code: 0
    17.07.2020-15:24 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client526/web959' - return code: 0
    17.07.2020-15:24 - DEBUG - safe_exec cmd: df -T '/var/www/clients/client526/web959'|awk 'END{print $2,$NF}' - return code: 0
    17.07.2020-15:24 - DEBUG - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0
    17.07.2020-15:24 - DEBUG - safe_exec cmd: setquota -u 'web959' '51200' '52224' 0 0 -a &> /dev/null - return code: 0
    17.07.2020-15:24 - DEBUG - safe_exec cmd: setquota -T -u 'web959' 604800 604800 -a &> /dev/null - return code: 0
    17.07.2020-15:24 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client526/web959' - return code: 0
    17.07.2020-15:24 - DEBUG - Verified domain dematons.nl should be reachable for letsencrypt.
    17.07.2020-15:24 - DEBUG - Verified domain www.dematons.nl should be reachable for letsencrypt.
    17.07.2020-15:24 - DEBUG - Create Let's Encrypt SSL Cert for: dematons.nl
    17.07.2020-15:24 - DEBUG - Let's Encrypt SSL Cert domains: --domains dematons.nl --domains www.dematons.nl
    17.07.2020-15:24 - DEBUG - LE version is 1.6.0, so using certificates command
    17.07.2020-15:24 - DEBUG - exec: /opt/eff.org/certbot/venv/bin/certbot certonly -n --text --agree-tos --expand --authenticator webroot --server https://acme-v02.api.letsencrypt.org/directory --rsa-key-size 4096 --email [email protected] --webroot-map '{"dematons.nl":"\/usr\/local\/ispconfig\/interface\/acme","www.dematons.nl":"\/usr\/local\/ispconfig\/interface\/acme"}'
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator webroot, Installer None
    Missing command line flag or config entry for this setting:
    Please choose an account
    Choices: ['[email protected]:32:51Z (7b64)', '[email protected]:04:03Z (35b6)', '[email protected]:14:03Z (2cc5)']
    17.07.2020-15:24 - DEBUG - LE CERT OUTPUT: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    17.07.2020-15:24 - DEBUG - LE CERT OUTPUT: Found the following matching certs:
    17.07.2020-15:24 - DEBUG - LE CERT OUTPUT: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    17.07.2020-15:24 - DEBUG - LE CERT OUTPUT:
    17.07.2020-15:24 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:24 - WARNING - Let's Encrypt SSL Cert for: dematons.nl could not be issued.
    17.07.2020-15:24 - WARNING - /opt/eff.org/certbot/venv/bin/certbot certificates --domains dematons.nl --domains www.dematons.nl
    17.07.2020-15:24 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:24 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
    17.07.2020-15:24 - DEBUG - Creating fastcgi starter script: /var/www/php-fcgi-scripts/web959/.php-fcgi-starter
    17.07.2020-15:24 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/dematons.nl.vhost
    17.07.2020-15:24 - DEBUG - Processed datalog_id 23075
    17.07.2020-15:24 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    17.07.2020-15:24 - DEBUG - Restarting httpd: systemctl reload apache2.service
    17.07.2020-15:24 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.
     
  18. BenM

    BenM Member

    its asking for: Please choose an account
     
  19. BenM

    BenM Member

    Till, where can i set the account pref for letsencrypt?
     
  20. till

    till Super Moderator Staff Member ISPConfig Developer

    There should be only one account on your server, seems as if you manually added another one. remove one of the accounts in certbot so there is just one account. Preferably, remove the new account you added as all existing certs are based on the old account and they need that account to renew successfully.
     

Share This Page