kaputte LetsEncrypt/SSL Configuration mit ISPCONFIG

rsaurer90

New Member
Hi Leute,
habe leider meine Konfiguration kaputt gemacht, in dem ich lets encrypt und danach gleichzeitig ssl zertifikat erstellen gemacht habe.
andere domains/webseiten funktionieren problemlos.

In letsencrypt.log hab ich nix/ server.sh sagt nix und ispconfig, nur apache2 error log sagt:

Code:
[Wed Jul 03 17:50:02.811851 2019] [ssl:warn] [pid 11390] AH01909: kronos.pixelcode.at:8080:0 server certificate does NOT include an ID which matches the server name

[Wed Jul 03 17:50:02.811904 2019] [ssl:error] [pid 11390] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / issuer: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / serial: 0A5E411BEFE1832A40230F6F9BC1B0E1F7078CF8 / notbefore: Jun 19 18:42:15 2019 GMT / notafter: Jun 16 18:42:15 2029 GMT]

[Wed Jul 03 17:50:02.811909 2019] [ssl:error] [pid 11390] AH02604: Unable to configure certificate kronos.pixelcode.at:8080:0 for stapling

[Wed Jul 03 17:50:02.811980 2019] [:error] [pid 11390] python_init: Python version mismatch, expected '2.7.6', found '2.7.16'.

[Wed Jul 03 17:50:02.812037 2019] [:error] [pid 11390] python_init: Python executable found '/usr/bin/python'.

[Wed Jul 03 17:50:02.812046 2019] [:error] [pid 11390] python_init: Python path being used '/usr/lib/python2.7:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.

[Wed Jul 03 17:50:02.812095 2019] [:notice] [pid 11390] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.

[Wed Jul 03 17:50:02.812099 2019] [:notice] [pid 11390] mod_python: using mutex_directory /tmp

[Wed Jul 03 17:50:02.819199 2019] [mpm_prefork:notice] [pid 11390] AH00163: Apache/2.4.38 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1b mod_python/3.3.1 Python/2.7.16 configured -- resuming normal operations

[Wed Jul 03 17:50:02.819215 2019] [core:notice] [pid 11390] AH00094: Command line: '/usr/sbin/apache2'

[Wed Jul 03 18:18:02.435500 2019] [mpm_prefork:notice] [pid 11390] AH00169: caught SIGTERM, shutting down

[Wed Jul 03 18:18:02.595956 2019] [ssl:warn] [pid 15415] AH01906: kronos.pixelcode.at:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

[Wed Jul 03 18:18:02.595986 2019] [ssl:warn] [pid 15415] AH01909: kronos.pixelcode.at:8080:0 server certificate does NOT include an ID which matches the server name

[Wed Jul 03 18:18:02.596046 2019] [ssl:error] [pid 15415] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / issuer: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / serial: 0A5E411BEFE1832A40230F6F9BC1B0E1F7078CF8 / notbefore: Jun 19 18:42:15 2019 GMT / notafter: Jun 16 18:42:15 2029 GMT]

[Wed Jul 03 18:18:02.596053 2019] [ssl:error] [pid 15415] AH02604: Unable to configure certificate kronos.pixelcode.at:8080:0 for stapling

[Wed Jul 03 18:18:02.596082 2019] [suexec:notice] [pid 15415] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)

[Wed Jul 03 18:18:02.623212 2019] [ssl:warn] [pid 15421] AH01906: kronos.pixelcode.at:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

[Wed Jul 03 18:18:02.623229 2019] [ssl:warn] [pid 15421] AH01909: kronos.pixelcode.at:8080:0 server certificate does NOT include an ID which matches the server name

[Wed Jul 03 18:18:02.623293 2019] [ssl:error] [pid 15421] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / issuer: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / serial: 0A5E411BEFE1832A40230F6F9BC1B0E1F7078CF8 / notbefore: Jun 19 18:42:15 2019 GMT / notafter: Jun 16 18:42:15 2029 GMT]

[Wed Jul 03 18:18:02.623298 2019] [ssl:error] [pid 15421] AH02604: Unable to configure certificate kronos.pixelcode.at:8080:0 for stapling

[Wed Jul 03 18:18:02.623560 2019] [:error] [pid 15421] python_init: Python version mismatch, expected '2.7.6', found '2.7.16'.

[Wed Jul 03 18:18:02.623856 2019] [:error] [pid 15421] python_init: Python executable found '/usr/bin/python'.

[Wed Jul 03 18:18:02.623862 2019] [:error] [pid 15421] python_init: Python path being used '/usr/lib/python2.7:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.

[Wed Jul 03 18:18:02.623871 2019] [:notice] [pid 15421] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.

[Wed Jul 03 18:18:02.623874 2019] [:notice] [pid 15421] mod_python: using mutex_directory /tmp

[Wed Jul 03 18:18:02.632880 2019] [mpm_prefork:notice] [pid 15421] AH00163: Apache/2.4.38 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1b mod_python/3.3.1 Python/2.7.16 configured -- resuming normal operations

[Wed Jul 03 18:18:02.632897 2019] [core:notice] [pid 15421] AH00094: Command line: '/usr/sbin/apache2'

[Wed Jul 03 18:20:03.066754 2019] [mpm_prefork:notice] [pid 15421] AH00169: caught SIGTERM, shutting down

[Wed Jul 03 18:20:03.172680 2019] [ssl:warn] [pid 15738] AH01906: kronos.pixelcode.at:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

[Wed Jul 03 18:20:03.172714 2019] [ssl:warn] [pid 15738] AH01909: kronos.pixelcode.at:8080:0 server certificate does NOT include an ID which matches the server name

[Wed Jul 03 18:20:03.172829 2019] [ssl:error] [pid 15738] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / issuer: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / serial: 0A5E411BEFE1832A40230F6F9BC1B0E1F7078CF8 / notbefore: Jun 19 18:42:15 2019 GMT / notafter: Jun 16 18:42:15 2029 GMT]

[Wed Jul 03 18:20:03.172840 2019] [ssl:error] [pid 15738] AH02604: Unable to configure certificate kronos.pixelcode.at:8080:0 for stapling

[Wed Jul 03 18:20:03.172873 2019] [suexec:notice] [pid 15738] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)

[Wed Jul 03 18:20:03.200287 2019] [ssl:warn] [pid 15743] AH01906: kronos.pixelcode.at:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

[Wed Jul 03 18:20:03.200305 2019] [ssl:warn] [pid 15743] AH01909: kronos.pixelcode.at:8080:0 server certificate does NOT include an ID which matches the server name

[Wed Jul 03 18:20:03.200354 2019] [ssl:error] [pid 15743] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / issuer: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / serial: 0A5E411BEFE1832A40230F6F9BC1B0E1F7078CF8 / notbefore: Jun 19 18:42:15 2019 GMT / notafter: Jun 16 18:42:15 2029 GMT]

[Wed Jul 03 18:20:03.200359 2019] [ssl:error] [pid 15743] AH02604: Unable to configure certificate kronos.pixelcode.at:8080:0 for stapling

[Wed Jul 03 18:20:03.200408 2019] [:error] [pid 15743] python_init: Python version mismatch, expected '2.7.6', found '2.7.16'.

[Wed Jul 03 18:20:03.200446 2019] [:error] [pid 15743] python_init: Python executable found '/usr/bin/python'.

[Wed Jul 03 18:20:03.200449 2019] [:error] [pid 15743] python_init: Python path being used '/usr/lib/python2.7:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.

[Wed Jul 03 18:20:03.200458 2019] [:notice] [pid 15743] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.

[Wed Jul 03 18:20:03.200461 2019] [:notice] [pid 15743] mod_python: using mutex_directory /tmp

[Wed Jul 03 18:20:03.207164 2019] [mpm_prefork:notice] [pid 15743] AH00163: Apache/2.4.38 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1b mod_python/3.3.1 Python/2.7.16 configured -- resuming normal operations

[Wed Jul 03 18:20:03.207181 2019] [core:notice] [pid 15743] AH00094: Command line: '/usr/sbin/apache2'


habt ihr noch eine idee?

webseite/domain neu erstellen hilft leider auch nicht.
in sites-avaiable und enabled, ist die ssl sektion leer.

bitte, bin am verzweifeln
 
Zuletzt bearbeitet:

nowayback

Well-Known Member
sind die code tags kaputt? so kann das doch keiner lesen...

prüf mal die vhost datei für die domain nach doppelten ssl zertifikat einträgen
 

rsaurer90

New Member
sry, ist mir auch erst hinterher aufgefallen. also certbot sagt folgendes:

ich korrigiere, die letsencrypt.log sagt gar nichts aus.

apache2/error.log:
Code:
[Wed Jul 03 18:55:02.958307 2019] [mpm_prefork:notice] [pid 2457] AH00163: Apache/2.4.38 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1b mod_python/3.3.1 Python/2.7.16 configured -- resuming normal operations
[Wed Jul 03 18:55:02.958322 2019] [core:notice] [pid 2457] AH00094: Command line: '/usr/sbin/apache2'
[Wed Jul 03 19:01:02.736161 2019] [mpm_prefork:notice] [pid 2457] AH00169: caught SIGTERM, shutting down
[Wed Jul 03 19:01:02.847208 2019] [ssl:warn] [pid 3240] AH01906: kronos.pixelcode.at:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jul 03 19:01:02.847235 2019] [ssl:warn] [pid 3240] AH01909: kronos.pixelcode.at:8080:0 server certificate does NOT include an ID which matches the server name
[Wed Jul 03 19:01:02.847341 2019] [ssl:error] [pid 3240] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / issuer: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / serial: 0A5E411BEFE1832A40230F6F9BC1B0E1F7078CF8 / notbefore: Jun 19 18:42:15 2019 GMT / notafter: Jun 16 18:42:15 2029 GMT]
[Wed Jul 03 19:01:02.847348 2019] [ssl:error] [pid 3240] AH02604: Unable to configure certificate kronos.pixelcode.at:8080:0 for stapling
[Wed Jul 03 19:01:02.847379 2019] [suexec:notice] [pid 3240] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)
SIGTERM handler "exitall" not defined.
[Wed Jul 03 19:01:02.875862 2019] [ssl:warn] [pid 3244] AH01906: kronos.pixelcode.at:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jul 03 19:01:02.875876 2019] [ssl:warn] [pid 3244] AH01909: kronos.pixelcode.at:8080:0 server certificate does NOT include an ID which matches the server name
[Wed Jul 03 19:01:02.875922 2019] [ssl:error] [pid 3244] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / issuer: emailAddress=admin@alphaground.net,CN=alphaground.net,O=Alphaground,L=Telfs,ST=Austria,C=AT / serial: 0A5E411BEFE1832A40230F6F9BC1B0E1F7078CF8 / notbefore: Jun 19 18:42:15 2019 GMT / notafter: Jun 16 18:42:15 2029 GMT]
[Wed Jul 03 19:01:02.875926 2019] [ssl:error] [pid 3244] AH02604: Unable to configure certificate kronos.pixelcode.at:8080:0 for stapling
[Wed Jul 03 19:01:02.875981 2019] [:error] [pid 3244] python_init: Python version mismatch, expected '2.7.6', found '2.7.16'.
[Wed Jul 03 19:01:02.876016 2019] [:error] [pid 3244] python_init: Python executable found '/usr/bin/python'.
[Wed Jul 03 19:01:02.876018 2019] [:error] [pid 3244] python_init: Python path being used '/usr/lib/python2.7:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.
[Wed Jul 03 19:01:02.876027 2019] [:notice] [pid 3244] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.
[Wed Jul 03 19:01:02.876029 2019] [:notice] [pid 3244] mod_python: using mutex_directory /tmp
[Wed Jul 03 19:01:02.882676 2019] [mpm_prefork:notice] [pid 3244] AH00163: Apache/2.4.38 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1b mod_python/3.3.1 Python/2.7.16 configured -- resuming normal operations
[Wed Jul 03 19:01:02.882691 2019] [core:notice] [pid 3244] AH00094: Command line: '/usr/sbin/apache2'

im vhost steht unter ssl GAR nichts, da er beim aktivieren vom SSL abschmiert.wsl also vor der änderung in der vhost.

<IfModule mod_ssl.c>

</IfModule>
 

rsaurer90

New Member
Problem solved. If you stuck or get the same error, also check your IPv6 settings in DNS. I had two Numbers flipped. So IPv4 was correct, but IPv6 not and i got no error about it.

After reinstalling the server, i ended up with the same problem, so i struggled through the DNS settings. And e voila, AAAA IPv6 correct and the cert was generated perfect.
 

Werbung

Top