no letsencrypt certs for new domain

Discussion in 'ISPConfig 3 Priority Support' started by chico11mbit, Apr 19, 2019.

  1. chico11mbit

    chico11mbit Member HowtoForge Supporter

    Hello,
    Letsencrypt runs on all domains created so far.
    Now I have created a domain and if I check letsencrypt, the check will disappear later.
    If I do certbot renew --dry-run, this domain will show the following warning message in red:

    Code:
    Attempting to renew cert (domain.de) from /etc/letsencrypt/renewal/domain.de.conf produced an unexpected error: Missing command line flag or config entry for this setting:
    Input the webroot for domain.de:. Skipping.
    Here is the renewal file, created from ispconfig:

    Code:
    # renew_before_expiry = 30 days
    version = 0.31.0
    archive_dir = /etc/letsencrypt/archive/domain.de
    cert = /etc/letsencrypt/live/domain.de/cert.pem
    privkey = /etc/letsencrypt/live/domain.de/privkey.pem
    chain = /etc/letsencrypt/live/domain.de/chain.pem
    fullchain = /etc/letsencrypt/live/domain.de/fullchain.pem
    
    # Options used in the renewal process
    [renewalparams]
    server = https://acme-v02.api.letsencrypt.org/directory
    webroot_path = /usr/local/ispconfig/interface/acme,
    account = cfb4016996f06XXX68a169XXXXXXXXX
    rsa_key_size = 4096
    authenticator = webroot
    [[webroot_map]]
    I have xxx'ed the account.
    All other domain runs the dryrun flawlessly.
    What can i do? The domain without ssl is working.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    There is a bug in latest certbot releases which causes certbot to not insert the domain names in the renewal config sometimes, there is a workaround implemented in ISPConfig git-stable. Update ISPConfig to git-stable branch with ispconfig_update.sh command.
     
    chico11mbit likes this.

Share This Page