Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
I
ISPConfig 3
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 494
    • Issues 494
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 28
    • Merge Requests 28
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • ISPConfig
  • ISPConfig 3
  • Issues
  • #5296

Closed
Open
Opened Apr 22, 2019 by Viktor@Taran

created certicate www to the domain if the primary site letstseycrypt not confirmed.

short description

sometimes when creating letsencryt certificate is issued only for a domain www.

correct behaviour

If the primary domain did not ask for validation, it is incorrect behavior and it should be noted the generation of certificates on.

environment

Server OS: (/ubuntu 18.04)
ISPConfig 3.1.13 Patch 1 Released

proposed fix

If the main domain does not pass the validation letsencrypt, you need to stop script execution, as the validation domain www does not make sense. If the site for some reason does not have a domain without www for example, there is no access to DNS zone other than www ( theory). The true test of customer behavior to create a website www.site.ru and disable the sub domain www. Re-enable.

top

22.04.2019-13:32 - WARNING - Could not verify domain topengineer.ru, so excluding it from letsencrypt request.
22.04.2019-13:32 - DEBUG - Verified domain www.topengineer.ru should be reachable for letsencrypt.
22.04.2019-13:32 - DEBUG - Create Let's Encrypt SSL Cert for: topengineer.ru
22.04.2019-13:32 - DEBUG - Let's Encrypt SSL Cert domains:  --domains www.topengineer.ru
22.04.2019-13:32 - DEBUG - exec: /usr/bin/letsencrypt certonly -n --text --agree-tos --expand --authenticator webroot --server https://acme-v02.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@topengineer.ru  --domains www.topengineer.ru --webroot-path /usr/local/ispconfig/interface/acme
22.04.2019-13:32 - DEBUG - Let's Encrypt Cert config path is: /etc/letsencrypt/renewal/www.topengineer.ru.conf.
22.04.2019-13:32 - DEBUG - Let's Encrypt Cert file: /etc/letsencrypt/live/www.topengineer.ru/fullchain.pem exists.

333

Edited Apr 22, 2019 by Viktor
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: ispconfig/ispconfig3#5296