Trying to build an ISPServer in Azure

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.lil-consulting.com

I ran this command: Create new ISPConfig SSL certificate (yes,no) [no]: yes

It produced this output: Checking / creating certificate for server1.azure.FQDN

Using certificate path /etc/letsencrypt/live/server1.azure.FQDN

Server's public ip(s) (20.254.101.89) not found in A/AAAA records for server1.azure.FQDN:internal IP Address

Ignore DNS check and continue to request certificate? (y,n) [n]: y

Using apache for certificate validation

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator webroot, Installer None

Obtaining a new certificate

An unexpected error occurred:

The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "...server1.azureFQDN": The ACME server refuses to issue a certificate for this domain name, because it is forbidden by policy

My web server is (include version): Apache2

The operating system my web server runs on is (include version): Ubuntu 20.04 LTS

My hosting provider, if applicable, is: N/A my own azure server

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No - building ISPServer

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.40.0

Welcome to the community @alforrest

Your domain name was not used in the certbot command. Just the string server1.azure.FQDN. I am not familiar with ISPconfig but it looks like it was not configured properly to know your domain name.

Another volunteer may know more but otherwise you could try asking on an ISPconfig forum like this one.

Hi Mike, thanks for responding. I replaced the FQDN from Azure with the string when I did the post. Didn't want to give out full server details. What I'm wondering is if there's a way to replace the Azure FQDN with the server and domain name I've set up in an install or update config file?
regards,
Alan.

Sorry but I don't understand your terminology. I am not expert in Azure (or ISPconfig for that matter).

But, the domain name you request a cert for must be in the public DNS system. Isn't that www.lil-consulting.com ?

Ah, just thinking about it Mike, I think I need to check with the ISPConfig crew as it's more likely something there that actually with Let'sEncrypt.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.