New problem with letsencrypt

Discussion in 'Installation/Configuration' started by Niels Terp, Jan 30, 2018.

  1. Niels Terp

    Niels Terp New Member HowtoForge Supporter

    Hi there,

    3 months ago I had a problem getting letsencrypt on a Debian 9 installation. Till pointed me to the FAQ https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/. I checked the checkbox
    "Skip Letsencrypt check" under System > Server config > web since my server is behind a NAT router. Then everythings worked fine.

    However, I really needed PHP 5, so I installed a new fresh installation on Debian 8, following the guide https://www.howtoforge.com/tutorial...8-4-jessie-apache-bind-dovecot-ispconfig-3-1/.
    Again, I enabled Skip Letsencrypt check.
    Then this guide uses Apache 2.2, so I updateed my ispconfig to git-stable branch with the ispconfig_update.sh script, I used Tools > resync to apply the new template to all sites.

    But it still does'nt work. When I try to enable SSL and Letsencrypt on my site, the control panel works for some time, and I wait for the number of outstanding operations count down to 0 and disapear. But when I then select that site, neither SSL or Letsencrypt is ticked.

    It looks to me as Letsencrypt still try to do the check, even if the check has been disabled in the controlpanel.

    Cheers

    Niels
     

    Attached Files:

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    No, that's not the case. You won't see anything in the LE log then as iSPConfig would not call the LE command. Your problem is that LE is not able to reach that domain name from outside when it tries to verify the domain ownership.
     
  3. Niels Terp

    Niels Terp New Member HowtoForge Supporter

    Does that mean that I have a problem with my DNS ? I'm using a free external dns. I have two A-records:
    *.mydomain.dk and
    mydomain.dk

    I do not have any CNAME record - if that is the problem, then how should it be set up ?

    When I investigate at mxtoolbox, I note that the domain that cannot be reached is http://mydomain.dk and not as it should be https://mydomain.dk.
     

Share This Page