Cant create letsencrypt for website with ispconfig panel

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: test.pangandarankab.go.id

I ran this command:

It produced this output:

My web server is (include version): apache2

The operating system my web server runs on is (include version): Debian 10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): ISPConfig Version: 3.2.11p2

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0

My problem is when I check on the letsencrypt ssl button, the button again becomes unchecked. Help me to fix that please :frowning:

Please help us by not removing questions from the questionnaire, especially the output question.

1 Like

I'm so sorry sir, I'm newbie here

1 Like

Your site is working with HTTPS and a cert you got today.

If you still have a problem can you explain in more words what is wrong? See the below two SSL test sites that show your site using a recent cert correctly

https://www.ssllabs.com/ssltest/analyze.html?d=test.pangandarankab.go.id&hideResults=on&latest

2 Likes

Yes SIr, I don't know why it works, but my other website (percobaan.pangandarankab.go.id) now can't use letsencrypt ssl, after I do a check on the button letsencrypt ssl always changes to unchecked. my other website uses a different public IP

Was it ever able to get a certificate?

Usually you have to run a program (like ispconfig or certbot) on each server to get a cert on that server. I am not expert with ispconfig so maybe it has advanced options.

Getting a cert with ispconfig on one server should not affect getting a cert on another server.

Did you setup ispconfig or was that provided by a hosting service?

2 Likes

On another virtual server I was previously able to get a certificate pack, as does the website test.pangandarankab.go.id. but now I try on another virtual server that contains the website percobaan.pangandarankab.go.id with a different public ip I can't get the certificate, I've added a public ip on the DNS service I have (cloudflare).

Yes sir I installed ispconfig panel myself because previously not available any panel, only provided Debian OS 10

Is there a log that has error messages on why the cert was not issued? You haven't given us much info to work with.

And, it sounds like a problem with the ISPconfig or server configuration. Have you tried asking about this on the ISPconfig community forum? People there are more familiar with using it and how to debug its problems.

2 Likes

I am trying to create certbot manually with the following code sir

sudo certbot certonly --webroot -w /var/www/clients/client0/web3/ssll -d percobaan.pangandarankab.go.id

No sir, I have not asked the ispconfig community

The percoban domain is proxied at Cloudflare so is using its CDN

The test domain you showed earlier is NOT proxied and the DNS points directly to the IP for that server.

This is important difference. Setting up a server behind a CDN takes extra care. Did you proxy that domain on purpose or was it just a mistake?

nslookup percobaan.pangandarankab.go.id
A    Address: 172.67.170.114
A    Address: 104.21.95.139
AAAA Address: 2606:4700:3031::6815:5f8b
AAAA Address: 2606:4700:3035::ac43:aa72

nslookup test.pangandarankab.go.id
A    Address: 36.89.114.121
1 Like