update 3.1 & letsencrypt tryout messed up my domains

Discussion in 'ISPConfig 3 Priority Support' started by wems, Sep 28, 2016.

  1. wems

    wems New Member HowtoForge Supporter

    i've updated my ispconfig version to 3.1 and wanted to activate letsencrypt.
    that makes my complete apache unreachable.
    after i found and remove the regarding vhost and restart apache i was able to open ispconfig. so i disabled all letsencrypt/ssl checkboxes i've checked before and resync the configuration.

    now my apache is starting again with no error. but all my domains now redirect (301) to the first active webpage that is configured in ispconfig. when i disable the first -> the next active domain in the list will show up - equal what domain name you entered....

    any ideas how to fix this?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please run:

    apache2ctl -S

    and post the output.
     
  3. wems

    wems New Member HowtoForge Supporter

    here's the output:
    Code:
    AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.vhost:7
    VirtualHost configuration:
    *:8081  sub.serverdomain.tld (/etc/apache2/sites-enabled/000-apps.vhost:9)
    *:8080  sub.serverdomain.tld (/etc/apache2/sites-enabled/000-ispconfig.vhost:9)
    *:80  is a NameVirtualHost
      default server webmail.serverdomain.tld (/etc/apache2/conf-enabled/squirrelmail.conf:34)
      port 80 namevhost webmail.serverdomain.tld (/etc/apache2/conf-enabled/squirrelmail.conf:34)
      port 80 namevhost sub.serverdomain.tld (/etc/apache2/sites-enabled/000-default.conf:1)
      port 80 namevhost domain1.tld (/etc/apache2/sites-enabled/100-domain1.tld.vhost:7)
      alias www.domain1.tld
      port 80 namevhost domain2.tld (/etc/apache2/sites-enabled/100-domain2.tld.vhost:7)
      alias www.domain2.tld
    ServerRoot: "/etc/apache2"
    Main DocumentRoot: "/var/www/html"
    Main ErrorLog: "/var/log/apache2/error.log"
    Mutex rewrite-map: using_defaults
    Mutex authdigest-client: using_defaults
    Mutex fcgid-proctbl: using_defaults
    Mutex ssl-stapling: using_defaults
    Mutex ssl-cache: using_defaults
    Mutex default: dir="/var/lock/apache2" mechanism=fcntl
    Mutex mpm-accept: using_defaults
    Mutex fcgid-pipe: using_defaults
    Mutex authdigest-opaque: using_defaults
    Mutex watchdog-callback: using_defaults
    PidFile: "/var/run/apache2/apache2.pid"
    Define: DUMP_VHOSTS
    Define: DUMP_RUN_CFG
    Define: ENABLE_USR_LIB_CGI_BIN
    User: name="www-data" id=33
    Group: name="www-data" id=33
    
    

    i've deactivated the most domains
    but you will see that the two domains 301 to a domain i've deactivated and the default page (the webmailer) will show up.



    edit:
    i cleaned up the code - because the domain names should be uninteresting
     
    Last edited: Sep 28, 2016
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Which OS do you use and which ispconfig version did you had installed before?
     
  5. wems

    wems New Member HowtoForge Supporter

    it's debian 8 (jessie) and it was the actual ispconfig version before (must be 3.0.5.4p9)
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    That's strange, never seen this. I use Debian 8 on my servers as wel and updated them to 3.1 from 3.0.5.4p9.
     
  7. wems

    wems New Member HowtoForge Supporter

    i do a rollback - i'm on 3.0.5.4p9 again
    will try another switch to 3.1 in a few days...
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, that might be better as fast solution. Before you roll back, make a backup of the current apache config so you can try to compare the config files.
     
  9. wems

    wems New Member HowtoForge Supporter

    hey till,
    i didn't save the configs..... as you said: this was a fast solution :)

    but i make a new snapshot and reproduces my steps to find the related error.
    correct me if i'm wrong: to use ssl on my domains i need to set at last 1 ip in the ispconfig server config - the vserver has only one ip.

    so - at the moment where i'v set the ip and assign all my domain from "*" to my ip the error came back. would this help to find a solution?
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    An IP is not needed. You can use SSL also with *, so a change to an IP is not nescessary if you have * now in the websites.

    Yes, this explains the problem and your issue is probably just related to that change and not to the 3.1 update as the same will happen on any other ISPConfig release. The background: A website with an IP has priority over a website with * in apache and nginx and you can not mix * and IP for websites that point to the same IP (like in your case as you have just one IP). So what happens, all requests for websites that have * assigned will go to the first website that has an IP assigned as the IP overrides the domain based selection of the virtual host. The solution is: leave all websites as they are and don't add an IP. If you would want to add an IP, then you would have to change all websites to that IP and in case that your server is behind a router, then this IP has to be the internal server IP and not the external one.
     

Share This Page