Let's Encrypt is not working ISPconfig3.1


#1

My domain is: endhost.online

I ran this command: grep -r “SSLCertificateFile” /etc/httpd

/etc/httpd/conf/sites-available/ispconfig.vhost: SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
/etc/httpd/conf/sites-available/endhost.online.vhost-le-ssl.conf:SSLCertificateFile /etc/letsencrypt/live/endhost.online-0001/cert.pem
/etc/httpd/conf.d/ssl.conf:# Point SSLCertificateFile at a PEM encoded certificate. If
/etc/httpd/conf.d/ssl.conf:SSLCertificateFile /etc/pki/tls/certs/localhost.crt
/etc/httpd/conf.d/ssl.conf:# the referenced file can be the same as SSLCertificateFile

The operating system my web server runs on is : CentOS 7.6 64-bit

My hosting provider is Hostinger
I can login to a root shell on my machine
I’m using ISPconfig3.1
I am using certbot 0.31.0

But whenever I enable SSL and Let’s Encrypt inside ISPconfig Dashboard, the domain won’t get Let’s Encrypt SSL.

I followed this link for setting up ISPconfig 3:

Still shows:

Note: I am very new to this. So please bear with me.


#2

Hi @Razzlemania

you have created 7 certificates today.

https://crt.sh/?q=endhost.online

7 pre- and 7 leaf certificates. So the certificate creation works. But you have hitted the limit (5 identical certificates in 7 days).

But your domain is completely blocked ( https://check-your-website.server-daten.de/?q=endhost.online ):

Domainname Http-Status redirect Sec. G
http://endhost.online/
31.220.52.58 -2 1.367 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 31.220.52.58:80
http://www.endhost.online/
31.220.52.58 -2 1.367 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 31.220.52.58:80
https://endhost.online/
31.220.52.58 -2 1.370 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 31.220.52.58:443
https://www.endhost.online/
31.220.52.58 -2 1.367 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 31.220.52.58:443

Looks like a firewall.

So it’s impossible to see what works.


#3

Thanks for the reply, this time I re-created my VPS server and I changed to Webmin due to reasons. And now I tried to request certificate again for Let’s Encrypt. And this shows up:

Requesting a new certificate for endhost.online, using the website directory /var/www/html …

… request failed : The native Let’s Encrypt client was used previously on this system, and must be used for all future certificate requests

Is there a way for me to use my existing certificate and remove the other ones?

I am new to this so apologies for that.

Edit: When you mean completely blocked, am I not able to use Let’s Encrypt now?

Edit 2:Alright, ran https://check-your-website.server-daten.de/?q=endhost.online again and seems that can connect now, although forbidden.


#4

I don’t know. That’s a Webmin - restriction. Perhaps your hoster is able to change that.

Good that I have added the history. “Blocked” =

ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 31.220.52.58:443

There was a firewall.

But I see

you have rechecked your domain. Yep, first comes the tcp connection, then the SSL-connection. Then follows the http protocol with http status 200 or 403.

So there are three different protocols used -> a lot of different results.


#5

Thank you for the timely reply, seems to be working now, idk if deleting the /etc/letsencrypt is the right way, but the domain is using Let’s Encrypt now. Thanks for the assistance.


closed #6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.