Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.kepos.at
I ran this command:
It produced this output:
My web server is (include version): Apache2, ISPConfig3
The operating system my web server runs on is (include version): Ubuntu 25.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): ISPConfig
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
I have various troubles at least with 3 domains. (30 others work fine on the same invoroment). I think it started with mediation.kepos.at where i cant get a cert for in ISPConfig. When i mark the Box, its unmarked shortly and nothing happens. The biggest problem ist that somehow this problem killed the certificate for the mainsite www.kepos.at which worked fine and no the same thing happens. On the other hand lsb.kepos.at works fine ...until now. Its like a on/off-problem and i sometimes get ceretificate revoked in Firefox. Even without doing anything (Ithink ...i may of course in delays cached content and whatever makes this odd behaviour happen)...Can you help me ot find out whats happening? Last domain with problems i www.painterman.at ..same issue but maybe different cause sice i dont have access to the DNS in this case.
Welcome @StefanGros
This looks like a problem with ISPConfig. We recently helped someone with a similar pattern of certs getting revoked. See: Certificate keeps getting revoked with "Cessation Of Operation" - #10 by frank42hh
They found how to stop ISPConfig from revoking their certs although they still did not understand all the reasons it started happening. That is probably best to ask of ISPConfig support or their community. A quick check on their community found this: certbot keeps revoking certificates | Howtoforge - Linux Howtos and Tutorials
4 Likes
Hi Mike!
Thanks a lot for your response. As you might have notice, i am pretty new in this area. I tried several tools like LetsDebug, which says ervything is fine, or ssl-Checker which says i dont have a cert, but not why it doesnt work. i had some files in the ssl-directory which i finally deleted adn they are not renewed now. Is there a way to check if Lets encrypt issue an certificate and its then not installed properly or if something prevents this process. i am not sure if i expressed what i meatn correctly. I just have to get an idea where to start. I had a lot of other issues caused by DNS errors..but now i have two different websites in the same domain lsb.kepos.at and mediation.kepos.at...one worked perfectly well from start(ls) and the other just doesnt work with ssl. So its cant be a DNS issue afaikt. All settings are xactly the same..30 domains on the sevrer with similar configurations work well. I am totaly lost and confused. I also uncecked the button in ISPconfig for revokation, and i alos have a standard "perfect server" configuration in ISPConfig.
Those two domains have different IP addresses. Should they? We often use https://unboundtest.com to check IP addresses.
You can view issued certs using Certificate Transparency (CT) log viewers. One commonly used is https://crt.sh. Note though that it may lag showing certs for 24H or more and is so active you may have difficulty getting any result. There are many other CT viewers. I can see a cert for mediation issued Mar26 using a CT log viewer.
Given you have, in the past, gotten certs for mediation the problems are in how your server is configured. Or, possibly the DNS as noted.
I like using this SSL connection checker: SSL Checker
Or, sometimes SSL Server Test (Powered by Qualys SSL Labs) There are many SSL testing tools but not all of them give quality results
3 Likes
Yes they show..they are similar but different websites. Two different Ips in the same DNS-Zone..Thats why i cant se a problem in DNS. I used both tests and both say it doenst work (SSL-Checker: "Handshake failed, we haven't received any certificates from the requested server. " SSL-Labs "Assessment failed: No secure protocols supported ". Sop i know that i dont have SSL but none of those sites say why. I also posted on ISPConfig. As i said i am totaly lost. I had all kind of DNS-issues with other sites, and problems with alias-domains...and so on..i was able to fix..but this one is tough. Thanks for your help!
I don't know what you are trying to say there 
Are the two different IP addresses correct?
That is the best place to sort this out. That is configuring your system you just need to find out why it has not configured your system properly for that one domain. We know you got a cert for it at one time. Why your system cannot use it is within ISPConfig
4 Likes
I am sorry. I am legastenic..its a problem to type correctly. My hands do things they shouldnt do.
Yes they should have different IPs.
Till of ISPConfig made a great tool..but hes not very nice to people asking (stupid) questions 
I will try my luck there. Thank you for your very fast responses!
2 Likes