After enableing Let's Encrypt for a Domain, the Domain Status shows "invalid SSL-Certificate".
Opening the Website in HTTP mode gives now error 503. HTTPS shows the backend login form.
Under section Let's Encrypt, status is "OK".
rebooting the server didn't fixed it.
i-MSCP version is: i-MSCP 1.3.7 Build: 20161021
Clicking on "disable" on the Let's Encrypt section, revokes the certificate. Status is now "Unknown error" and activation button is gone.
Problems with Let's Encrypt Plugin
-
- solved
- cmcologne
- Closed
-
-
When logged in as Admin, go to Tools -> Debugger and check errors you see here. You can also force there to run all this stuff again.
-
-
I see "Unknown error". I did rerun the job, but error comes back.
-
First please, provide us the following informations:
i-MSCP version in use- LetsEncrypt plugin version in use
Once done, do the following
- Edit the /etc/imscp/imscp.conf file and set the DEBUG parameter value to 1
- Connect to the control panel as admin and go to the debugger interface
- Rerun the task that failed
- Post the content of the /var/log/imscp/Modules::Plugin_LetsEncrypt.log) file here
-
-
Hi,
Plugin Version is: 1.1.2
in the directory is not such a pem file. There are other certificates, from an other ca.Display MoreCode: /var/log/imscp/Modules::Plugin_LetsEncrypt.log- [Wed Oct 26 13:30:24 2016] [debug] Modules::Plugin::_call: Calling run() method on Plugin::LetsEncrypt
- [Wed Oct 26 13:30:24 2016] [debug] iMSCP::Execute::execute: /usr/local/sbin/certbot-auto revoke --no-self-upgrade --text --agree-tos --non-interactive --verbose --cert-path /var/www/imscp/gui/data/certs/domain1.tld.pem
- [Wed Oct 26 13:30:25 2016] [debug] iMSCP::Execute::getExitCode: Command exited with value: 2
- [Wed Oct 26 13:30:25 2016] [error] Plugin::LetsEncrypt::run: usage:
- certbot-auto [SUBCOMMAND] [options] [-d domain] [-d domain] ...
- Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
- it will attempt to use a webserver both for obtaining and installing the
- cert. Major SUBCOMMANDS are:
- (default) run Obtain & install a cert in your current webserver
- certonly Obtain cert, but do not install it (aka "auth")
- install Install a previously obtained cert in a server
- renew Renew previously obtained certs that are near expiry
- revoke Revoke a previously obtained certificate
- register Perform tasks related to registering with the CA
- rollback Rollback server configuration changes made during install
- config_changes Show changes made to server config during installation
- plugins Display information about installed plugins
- letsencrypt: error: argument --cert-path: No such file or directory
- [Wed Oct 26 13:30:25 2016] [debug] iMSCP::Execute::execute: /usr/local/sbin/certbot-auto revoke --no-self-upgrade --text --agree-tos --non-interactive --verbose --cert-path /var/www/imscp/gui/data/certs/domain2.tld.pem
- [Wed Oct 26 13:30:27 2016] [debug] iMSCP::Execute::getExitCode: Command exited with value: 2
- [Wed Oct 26 13:30:27 2016] [error] Plugin::LetsEncrypt::run: usage:
- certbot-auto [SUBCOMMAND] [options] [-d domain] [-d domain] ...
- Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
- it will attempt to use a webserver both for obtaining and installing the
- cert. Major SUBCOMMANDS are:
- (default) run Obtain & install a cert in your current webserver
- certonly Obtain cert, but do not install it (aka "auth")
- install Install a previously obtained cert in a server
- renew Renew previously obtained certs that are near expiry
- revoke Revoke a previously obtained certificate
- register Perform tasks related to registering with the CA
- rollback Rollback server configuration changes made during install
- config_changes Show changes made to server config during installation
- plugins Display information about installed plugins
- letsencrypt: error: argument --cert-path: No such file or directory
I can not try to get a new cert, because the button is gone.
-
Such problem shouldn't occurs. Here, the certificate cannot be revoked because it is missing... Well, connect to PMA and in the letsencrypt table of the i-MSCP database, remove the related entry manually.
Note: I'll add a check to prevent such error in next version.
-
-
How can i access the imscp databasy by pma? I can only access customers databases via pma.
-
You must connect to pma with the i-MSCP master SQL password. If you forgot the password, look in the /etc/mysql/conf.d/imscp.cnf file. You'll find the username and password.
-
-
Thank you! I got the password, deleted the the rows. After that, the certificates where installed correct. The clock on the server was 12 Hours in the past. Maybe this was the problem.
Is it normal, that a certificate cannot be issued for a subdomain? -
IDN subdomain ?
-