lost access to ispconfig

Discussion in 'ISPConfig 3 Priority Support' started by hadizeid, Feb 14, 2018.

  1. hadizeid

    hadizeid New Member

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Delete the symlink for sub.domain.com in /etc/apache2/sites-enabled/ and restart apache.
     
  3. hadizeid

    hadizeid New Member

    Did that and apache is not restarting.
    showing this error:
    Code:
    -- Unit apache2.service has begun starting up.
    Feb 15 15:54:27 mhd101 apachectl[8366]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled
    Feb 15 15:54:27 mhd101 apachectl[8366]: AH00526: Syntax error on line 63 of /etc/apache2/sites-enabled/000-ispconfig.vhost:
    Feb 15 15:54:27 mhd101 apachectl[8366]: SSLCertificateFile: file '/usr/local/ispconfig/interface/ssl/ispserver.crt' does not exist or is empty
    Feb 15 15:54:27 mhd101 apachectl[8366]: Action 'start' failed.
    Feb 15 15:54:27 mhd101 apachectl[8366]: The Apache error log may have more information.
    Feb 15 15:54:27 mhd101 systemd[1]: apache2.service: Control process exited, code=exited status=1
    Feb 15 15:54:27 mhd101 systemd[1]: Failed to start The Apache HTTP Server.
    
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    ok, your problem is the missing ssl cert in the ISPConfig vhost. An easy way to recreate it is to do an ispconfig update:

    ispconfig_update.sh

    choose git-stable as update target. when the updater asks you to craete a new ssl cert for the ispconfig vhost, choose yes.
     
  5. hadizeid

    hadizeid New Member

    Thanks Till,
    i gained access back to server.
    but i again tried to walkthrough the tutorial and got stuck again.
    what could be the major cause?
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Maybe the let's encrypt ssl cert could not be issued. Did you check that the SSL and let's encrypt checkboxes of the website were the domain name is the hostname of your server stay checked and are you able to reach that website with https?
     
  7. hadizeid

    hadizeid New Member

    Hi Till,
    again with some trouble.
    now all the steps are ok except when i restart apache.
    when issuing

    service apache2 restart

    Enter passphrase for SSL/TLS keys for sub.domain.tld:8877 (RSA):
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    The problem is your SSL cert. You seem to have installed an SSL cert that is password protected but for Apache, you have to install one without password protection as Apache and the whole server will not start otherwise.
     
  9. hadizeid

    hadizeid New Member

    Hi Till,
    i have followed the turtorial in my first post. and thee ssl should be from let's encrypt.
    is there a way to trace where i did something wrong?
    Thanks
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    I haven't seen an encrypted key for LE yet. Maybe you use a different key file instead of linking to the key that letsencrypt created.
     
  11. hadizeid

    hadizeid New Member

    something weird.
    i have checked in /etc/letsencrypt/live/ and i found
    sub.domain.tld and another sub.domain.tld-0001
    when i used the the 0001 everything worked perfect.

    Now if i delete both folders and redo all the steps again should that be ok.
    or should i do something else to correct this.
    also what could be the reason for having these 2 folders.?
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    Letsencrypt does this renaming sometimes when something changes in the ssl cert. Using the -0001 version is the right way by pointing the symlinks to that version instead, I won't leet LE recreate the certs.
     
    hadizeid likes this.

Share This Page