Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
I
ISPConfig 3
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 480
    • Issues 480
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 22
    • Merge Requests 22
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • ISPConfig
  • ISPConfig 3
  • Issues
  • #6015

Closed
Open
Opened Jan 13, 2021 by Dragan Savic@dsgagi

acme.sh always fails with 'Verify error:Invalid response' msg when using ispconfig_update.sh

short description

Creating LE cert with acme.sh when running ispconfig_update.sh or ispconfig_update.sh --force always fails with Verify error:Invalid response error message.

When using "Manual update instructions", process runs without errors and LE cert is issued and installed for all ISPConfig apps.

correct behaviour

ispconfig_update.sh should function the same as "manual update instruction".

Maybe my reasoning is wrong and "manual update instruction" needs to be used when LE certs are generated for the first time. :)

environment

Server OS: debian

Server OS version: stretch and buster

ISPConfig version: 3.1.5 and newer

Run on multiple server instances, either with no LE client installed before or they had certbot before (which was cleaned along with all files/folders before update).

log entries

ispconfig-update-first-run.txt - first time trying ispconfig_update.sh --force after installing acme.sh client

ispconfig-update-second-run.txt - second time trying ispconfig_update.sh --force

ispconfig-update-third-run.txt - using "manual update instruction"

Make note of /root/.acme.sh/hosting.premiumbrands.rs/ folder contents: cert, fullchain and ca files get generated only on 3rd run.

Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: ispconfig/ispconfig3#6015