Unable to initialize letsencrypt with subdomains

short description

When setting up a site with auto subdomains enabled, letsencrypt fails.

environment

  • Server OS: debian
  • Server OS version: 9.8
  • ISPConfig version: 3.1.13
  • certbot: 0.33.1
  • Apache/2.4.25 (Debian)

Problem behind

In get_letsencrypt_certificate_paths in letsencrypt.inc.php you try to read the related domains from the renewal config files by reading the lines in the section [[webroot_map]].

But sometimes (I don't know why) certbot does not write these lines into the config file. So there are no certificate files given back to request_certificates, and then letsencrypt is of course disabled.

A possible stable solution: instead of parsing the config file of letsencrypt, you may use the output of certbot-auto certificates -d <maindomain> -d <subdomain> -d <subdomain>, which always results in a single output of the associated files, like

  Certificate Name: example.com
    Domains: example.com www.example.com
    Expiry Date: xxxxx (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem

I think parsing such a small blob would be more stable than reading the config files.
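
A sketch of the parsing proposed above, as an added example that is not part of the original report and not ISPConfig code. The function names parse_certbot_certificates and find_certificate are hypothetical, the sample output is constructed, and the live directory /etc/letsencrypt/live/ is taken from the paths shown in the report. The returned paths are only accepted when the certificate covers every requested domain and both files sit under the live directory.

```php
<?php
// Added example, not ISPConfig code; function names are hypothetical.

// Parse the text printed by `certbot certificates` into one array per certificate.
function parse_certbot_certificates(string $output): array {
    $certs = [];
    $cur = null;
    foreach (preg_split('/\R/', $output) as $line) {
        if (!preg_match('/^\s*(Certificate Name|Domains|Certificate Path|Private Key Path):\s*(.+?)\s*$/', $line, $m)) {
            continue; // banner, expiry date and any other line we do not need
        }
        if ($m[1] === 'Certificate Name') {
            if ($cur !== null) $certs[] = $cur;   // close the previous block
            $cur = ['name' => $m[2], 'domains' => [], 'cert' => null, 'key' => null];
        } elseif ($cur !== null) {
            if ($m[1] === 'Domains') $cur['domains'] = preg_split('/\s+/', strtolower($m[2]));
            elseif ($m[1] === 'Certificate Path') $cur['cert'] = $m[2];
            else $cur['key'] = $m[2];
        }
    }
    if ($cur !== null) $certs[] = $cur;
    return $certs;
}

// Return the first entry that covers all wanted domains and whose files are
// inside the live directory, or null when there is none.
function find_certificate(array $certs, array $wanted, string $live_dir = '/etc/letsencrypt/live/') {
    $wanted = array_map('strtolower', $wanted);
    foreach ($certs as $c) {
        if (array_diff($wanted, $c['domains'])) continue;   // a domain is missing
        foreach ([$c['cert'], $c['key']] as $p) {
            // reject incomplete blocks and paths outside the expected directory
            if ($p === null || strpos($p, $live_dir) !== 0 || strpos($p, '..') !== false) continue 2;
        }
        return $c;
    }
    return null;
}

// Constructed sample in the format quoted in the report.
$sample = <<<TXT
Found the following certs:
  Certificate Name: example.com
    Domains: example.com www.example.com
    Expiry Date: 2019-07-01 10:00:00+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem
TXT;
$hit = find_certificate(parse_certbot_certificates($sample), ['example.com', 'www.example.com']);
echo $hit ? $hit['cert'] . "\n" : "no matching certificate\n";
```

When the text comes from a real certbot call instead of the sample, each domain passed with -d should go through escapeshellarg() before it reaches the command line.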