Debugging Letsencrypt certificate renewal
short description
Upgrading from older ISPConfig version may leave Letsencrypt certificate renewal in a broken state.
correct behavior
When running the letsencrypt renewal script:
php -q /usr/local/ispconfig/server/cron_debug.php --cronjob=900-letsencrypt.inc.php
I found that the script looks at a different directory to write the challenge file:
/var/www/.well-known
Where the normal code, when you activate a domain for SSL Letsencrypt for the first time, looks at:
/usr/local/ispconfig/interface/acme/.well-known/acme-challenge
environment
Server OS: ubunut Server OS version: all ISPConfig version: 3.1.x
proposed fix
There are two options to fix this: The quick fix it to just create a simlink
ln -s /usr/local/ispconfig/interface/acme/.well-known/acme-challenge /var/www/.well-known
The propper fix will be to change the renewal script to use the correct directory, but when grepping for '/var/www/.well-known', I could not find where this variable is read from.