Let's Encrypt certificate [SOLVED]
Let's Encrypt certificate
The installed system is a fresh Debian 8; the domain resolves correctly.
No errors occurred during the KeyHelp installation either. I then created a user and assigned the domain to the user.
All SSL settings are configured. https / Let's Encrypt is assigned to the user.
When I open the domain over https, I always get the message "The page is not secure".
Now I always have a red exclamation mark in front of the domain and get the error:
For more, see also the image.
It would be nice if someone could help.
The server message says:
1. a lets encrypt error occurred for domain "www.meinedomain.de"
2. a lets encrypt error occurred for domain "meinedomain.de"
3. missing certificate component for realm "panel"
4. error while acquiring lets encrypt certificate for server services
Re: Let's Encrypt certificate [SOLVED]
please take a look at the following thread; this should fix the problem:
viewtopic.php?f=6&t=588#p3646
Martin
Re: Let's Encrypt certificate
Regards
Rene

Re: Let's Encrypt certificate
Martin wrote: ↑Sun 19. Nov 2017, 14:23 Hello,
please take a look at the following thread; this should fix the problem:
viewtopic.php?f=6&t=588#p3646
Alexander wrote: ↑Wed 15. Nov 2017, 13:16 Until the default subscriber agreement can be updated in the next KeyHelp update, you would now need to enter the following link under "Panel settings > Let's Encrypt" in the field "Let's Encrypt subscriber agreement".
Then open the affected domain for editing once more and click Save; this triggers a rewrite of the config.
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
The problem persists; I cannot enter any links.
Re: Let's Encrypt certificate
Please check again what the logs say now (Panel tasks -> update.log or ssl-maintenance) and post the section on the Let's Encrypt acquisition here (search term "Using certificate authority"; that is where it starts).
Alexander Mahr
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
Re: Let's Encrypt certificate
[05-Dec-2017 19:55:01] INFO --> load tasks ... 1 found
[05-Dec-2017 19:55:01] DEBUG --> task type IDs: 810
[05-Dec-2017 19:55:01] INFO --> CRON_SSL_REFRESHSERVICE
[05-Dec-2017 19:55:01] DEBUG --> params: - no params -
[05-Dec-2017 19:55:01] DEBUG --> no lets encrypt certs found, we request a new one
[05-Dec-2017 19:55:01] DEBUG --> Using certificate authority "https://acme-v01.api.letsencrypt.org".
[05-Dec-2017 19:55:01] DEBUG --> Using terms of service "https://letsencrypt.org/documents/LE-SA ... 5-2017.pdf".
[05-Dec-2017 19:55:01] DEBUG --> Account already registered. Continue.
[05-Dec-2017 19:55:01] DEBUG --> Start certificate generation process for domains.
[05-Dec-2017 19:55:01] DEBUG --> Request callenge for "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de".
[05-Dec-2017 19:55:01] DEBUG --> Sending signed request to "/acme/new-authz".
[05-Dec-2017 19:55:02] DEBUG --> Got challenge token for "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de".
[05-Dec-2017 19:55:02] DEBUG --> Token stored at "/home/keyhelp/www/.well-known/acme-challenge/Q-0xM4NzYniNlHP8lCVPlmO_Kam8bqVIe80w95XQK7Y".
[05-Dec-2017 19:55:02] DEBUG --> Token should be available at "http://meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist/.well-known/acme-challenge/Q-0xM4NzYniNlHP8lCVPlmO_Kam8bqVIe80w95XQK7Y".
[05-Dec-2017 19:55:02] DEBUG --> Sending request to challenge
[05-Dec-2017 19:55:02] DEBUG --> Sending signed request to "https://acme-v01.api.letsencrypt.org/ac ... g/26503090". (one number removed; should it be needed, please let me know and I will send it by PM)
[05-Dec-2017 19:55:03] DEBUG --> Verification ended with status "valid".
[05-Dec-2017 19:55:03] DEBUG --> Generate CSR.
[05-Dec-2017 19:55:03] DEBUG --> Sending signed request to "/acme/new-cert".
[05-Dec-2017 19:55:04] ERROR --> error while acquiring lets encrypt certificate for server services: Invalid HTTP code "429" as response to CSR. Response: {"type":"urn:acme:error:rateLimited","detail":"Error creating new cert :: too many certificates already issued for exact set of domains: meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de","status":429}
[05-Dec-2017 19:55:04] ERROR --> missing certificate component for realm "panel" (complete file: "/etc/ssl/keyhelp/letsencrypt/keyhelp/meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist/complete.pem" | chain file: "/etc/ssl/keyhelp/letsencrypt/keyhelp/meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_istde/chain.pem"
[05-Dec-2017 19:55:05] DEBUG --> service certificates refreshed
[05-Dec-2017 19:55:05] DEBUG --> Apache: applyAllConfigChanges()
[05-Dec-2017 19:55:05] DEBUG --> Apache: checkDirectories()
[05-Dec-2017 19:55:05] DEBUG --> Apache: cleanAll()
[05-Dec-2017 19:55:05] DEBUG --> Apache: cleanVhosts()
[05-Dec-2017 19:55:05] DEBUG --> Apache: cleanCustomVhosts()
[05-Dec-2017 19:55:05] DEBUG --> Apache: cleanPhpFpmPools()
[05-Dec-2017 19:55:05] DEBUG --> Apache: cleanHtpasswd()
[05-Dec-2017 19:55:05] DEBUG --> Apache: getUserIdsWithModifiedDomains()
[05-Dec-2017 19:55:05] DEBUG --> Apache: no config file is marked for refresh, we have nothing more to do...
[05-Dec-2017 19:55:05] DEBUG --> Apache: reloadApache()
[05-Dec-2017 19:55:05] DEBUG --> Apache: syntax ok
[05-Dec-2017 19:55:05] DEBUG --> Apache: reloading apache
[05-Dec-2017 19:55:05] DEBUG --> Apache: reloadPhpFpm()
[05-Dec-2017 19:55:05] DEBUG --> PHP-FPM (php7.0-fpm): syntax ok
[05-Dec-2017 19:55:05] DEBUG --> PHP-FPM (php7.0-fpm): reloading php-fpm
====
[05-Dec-2017 19:56:01] DEBUG --> load tasks ... nothing to do -> return
====
[05-Dec-2017 19:57:01] DEBUG --> load tasks ... nothing to do -> return
====
[05-Dec-2017 19:58:02] INFO --> load tasks ... 3 found
[05-Dec-2017 19:58:02] DEBUG --> task type IDs: 100, 500, 600
[05-Dec-2017 19:58:02] INFO --> add user "web-sven74"
[05-Dec-2017 19:58:02] INFO --> startdir "/home/users/"... created
[05-Dec-2017 19:58:02] INFO --> perform useradd... okay
[05-Dec-2017 19:58:02] INFO --> disable quota for user "web-sven74"... okay
[05-Dec-2017 19:58:02] INFO --> create standard directorys
[05-Dec-2017 19:58:02] INFO --> secure homedir
[05-Dec-2017 19:58:02] DEBUG --> Bind: __construct()
[05-Dec-2017 19:58:02] DEBUG --> Bind: writeConfig()
[05-Dec-2017 19:58:02] DEBUG --> Bind: checkDirectory()
[05-Dec-2017 19:58:02] DEBUG --> Bind: directory "/etc/bind/keyhelp_domains/" already exists
[05-Dec-2017 19:58:02] DEBUG --> Bind: getNameserver()
[05-Dec-2017 19:58:02] DEBUG --> Bind: 2 nameservers found
[05-Dec-2017 19:58:02] DEBUG --> Bind: getIPs()
[05-Dec-2017 19:58:02] DEBUG --> Bind: 1 ips found
[05-Dec-2017 19:58:02] DEBUG --> Bind: generate zone file for domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist"
[05-Dec-2017 19:58:02] INFO --> Bind: write zone file for domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:58:02] DEBUG --> Bind: generateKeyhelpConf()
[05-Dec-2017 19:58:02] INFO --> Bind: write config file "named.conf.keyhelp"
[05-Dec-2017 19:58:02] DEBUG --> Bind: checkSyntax()
[05-Dec-2017 19:58:02] DEBUG --> Bind: syntax ok
[05-Dec-2017 19:58:02] INFO --> Bind: reload bind config
[05-Dec-2017 19:58:02] DEBUG --> Apache: applyAllConfigChanges()
[05-Dec-2017 19:58:02] DEBUG --> Apache: checkDirectories()
[05-Dec-2017 19:58:02] DEBUG --> Apache: cleanAll()
[05-Dec-2017 19:58:02] DEBUG --> Apache: cleanVhosts()
[05-Dec-2017 19:58:02] DEBUG --> Apache: cleanCustomVhosts()
[05-Dec-2017 19:58:02] DEBUG --> Apache: cleanPhpFpmPools()
[05-Dec-2017 19:58:02] DEBUG --> Apache: cleanHtpasswd()
[05-Dec-2017 19:58:02] DEBUG --> Apache: getUserIdsWithModifiedDomains()
[05-Dec-2017 19:58:02] DEBUG --> Apache: we will now apply configs changes of user id "2"
[05-Dec-2017 19:58:02] DEBUG --> Apache: config data loaded for user id "2" ("web-sven74")
[05-Dec-2017 19:58:02] DEBUG --> load domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:58:02] DEBUG --> domain without ssl option
[05-Dec-2017 19:58:02] DEBUG --> Apache: add vhost container for domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:58:02] DEBUG --> Apache: save config to "/etc/apache2/keyhelp/vhosts/web-sven74.conf"
[05-Dec-2017 19:58:02] DEBUG --> PHP-FPM: add php-fpm pool "[web-sven74]" for domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist"
[05-Dec-2017 19:58:02] DEBUG --> save config to "/etc/php/7.0/fpm/keyhelp_pool/web-sven74.conf"
[05-Dec-2017 19:58:02] DEBUG --> Apache: reloadApache()
[05-Dec-2017 19:58:02] DEBUG --> Apache: syntax ok
[05-Dec-2017 19:58:02] DEBUG --> Apache: reloading apache
[05-Dec-2017 19:58:02] DEBUG --> Apache: reloadPhpFpm()
[05-Dec-2017 19:58:02] DEBUG --> PHP-FPM (php7.0-fpm): syntax ok
[05-Dec-2017 19:58:02] DEBUG --> PHP-FPM (php7.0-fpm): reloading php-fpm
====
[05-Dec-2017 19:59:01] INFO --> load tasks ... 4 found
[05-Dec-2017 19:59:01] DEBUG --> task type IDs: 500, 600, 500, 600
[05-Dec-2017 19:59:01] DEBUG --> Bind: __construct()
[05-Dec-2017 19:59:01] DEBUG --> Bind: writeConfig()
[05-Dec-2017 19:59:01] DEBUG --> Bind: checkDirectory()
[05-Dec-2017 19:59:01] DEBUG --> Bind: directory "/etc/bind/keyhelp_domains/" already exists
[05-Dec-2017 19:59:01] DEBUG --> Bind: getNameserver()
[05-Dec-2017 19:59:01] DEBUG --> Bind: 2 nameservers found
[05-Dec-2017 19:59:01] DEBUG --> Bind: getIPs()
[05-Dec-2017 19:59:01] DEBUG --> Bind: 1 ips found
[05-Dec-2017 19:59:01] DEBUG --> Bind: generate zone file for domain "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:01] INFO --> Bind: write zone file for domain "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:01] DEBUG --> Bind: generateKeyhelpConf()
[05-Dec-2017 19:59:01] INFO --> Bind: write config file "named.conf.keyhelp"
[05-Dec-2017 19:59:01] DEBUG --> Bind: checkSyntax()
[05-Dec-2017 19:59:01] DEBUG --> Bind: syntax ok
[05-Dec-2017 19:59:01] INFO --> Bind: reload bind config
[05-Dec-2017 19:59:02] DEBUG --> Apache: applyAllConfigChanges()
[05-Dec-2017 19:59:02] DEBUG --> Apache: checkDirectories()
[05-Dec-2017 19:59:02] DEBUG --> Apache: cleanAll()
[05-Dec-2017 19:59:02] DEBUG --> Apache: cleanVhosts()
[05-Dec-2017 19:59:02] DEBUG --> Apache: cleanCustomVhosts()
[05-Dec-2017 19:59:02] DEBUG --> Apache: cleanPhpFpmPools()
[05-Dec-2017 19:59:02] DEBUG --> Apache: cleanHtpasswd()
[05-Dec-2017 19:59:02] DEBUG --> Apache: getUserIdsWithModifiedDomains()
[05-Dec-2017 19:59:02] DEBUG --> Apache: we will now apply configs changes of user id "2"
[05-Dec-2017 19:59:02] DEBUG --> Apache: config data loaded for user id "2" ("web-sven74")
[05-Dec-2017 19:59:02] DEBUG --> load domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:02] DEBUG --> domain without ssl option
[05-Dec-2017 19:59:02] DEBUG --> load domain "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:02] DEBUG --> domain uses lets encrypt - check if certs are already available
[05-Dec-2017 19:59:02] DEBUG --> lets encrypt cert not available, we request it and rewrite vhost later on
[05-Dec-2017 19:59:02] DEBUG --> Apache: add vhost container for domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:02] DEBUG --> Apache: add vhost container for domain "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:02] DEBUG --> Apache: domain uses lets encrypt for first time - mark user config for rewrite
[05-Dec-2017 19:59:02] DEBUG --> Apache: save config to "/etc/apache2/keyhelp/vhosts/web-sven74.conf"
[05-Dec-2017 19:59:02] DEBUG --> PHP-FPM: add php-fpm pool "[web-sven74]" for domain "web-sven74.meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:02] DEBUG --> save config to "/etc/php/7.0/fpm/keyhelp_pool/web-sven74.conf"
[05-Dec-2017 19:59:02] DEBUG --> PHP-FPM: add php-fpm pool "[web-sven74]" for domain "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de"
[05-Dec-2017 19:59:02] DEBUG --> save config to "/etc/php/7.0/fpm/keyhelp_pool/web-sven74.conf"
[05-Dec-2017 19:59:02] DEBUG --> Apache: reloadApache()
[05-Dec-2017 19:59:02] DEBUG --> Apache: syntax ok
[05-Dec-2017 19:59:02] DEBUG --> Apache: reloading apache
[05-Dec-2017 19:59:02] DEBUG --> Apache: reloadPhpFpm()
[05-Dec-2017 19:59:02] DEBUG --> PHP-FPM (php7.0-fpm): syntax ok
[05-Dec-2017 19:59:02] DEBUG --> PHP-FPM (php7.0-fpm): reloading php-fpm
[05-Dec-2017 19:59:02] DEBUG --> Apache: request lets encrypt cert
[05-Dec-2017 19:59:02] DEBUG --> Apache: request for domain "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist"
[05-Dec-2017 19:59:02] DEBUG --> Using certificate authority "https://acme-v01.api.letsencrypt.org".
[05-Dec-2017 19:59:02] DEBUG --> Using terms of service "https://letsencrypt.org/documents/LE-SA ... 5-2017.pdf".
[05-Dec-2017 19:59:02] DEBUG --> Start new account registration.
[05-Dec-2017 19:59:02] DEBUG --> Generate account key pair.
[05-Dec-2017 19:59:03] DEBUG --> Register account.
[05-Dec-2017 19:59:03] DEBUG --> Sending signed request to "/acme/new-reg".
[05-Dec-2017 19:59:04] DEBUG --> Start certificate generation process for domains.
[05-Dec-2017 19:59:04] DEBUG --> Request callenge for "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist".
[05-Dec-2017 19:59:04] DEBUG --> Sending signed request to "/acme/new-authz".
[05-Dec-2017 19:59:05] DEBUG --> Got challenge token for "meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de".
[05-Dec-2017 19:59:05] DEBUG --> Token stored at "/home/keyhelp/www/.well-known/acme-challenge/HRDRpd9qwtebQhhqOdJG8s_FGv1Z4A0ZRv4JbMpRo5o".
[05-Dec-2017 19:59:05] DEBUG --> Token should be available at "http://meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de/.well-known/acme-challenge/HRDRpd9qwtebQhhqOdJG8s_FGv1Z4A0ZRv4JbMpRo5o".
[05-Dec-2017 19:59:05] DEBUG --> Sending request to challenge
[05-Dec-2017 19:59:05] DEBUG --> Sending signed request to "https://acme-v01.api.letsencrypt.org/ac ... s/26503416". (one number removed; should it be needed, please let me know and I will send it by PM)
[05-Dec-2017 19:59:06] DEBUG --> Verification process pending. Waiting...
[05-Dec-2017 19:59:07] DEBUG --> Verification ended with status "valid".
[05-Dec-2017 19:59:07] DEBUG --> Generate CSR.
[05-Dec-2017 19:59:07] DEBUG --> Sending signed request to "/acme/new-cert".
[05-Dec-2017 19:59:08] ERROR --> Apache: a lets encrypt error occurred: Invalid HTTP code "429" as response to CSR. Response: {"type":"urn:acme:error:rateLimited","detail":"Error creating new cert :: too many certificates already issued for exact set of domains: meine_url_die_ich_hier_noch_nicht_zeigen_will_die_aber_online_ist.de","status":429}
====
[05-Dec-2017 20:00:02] DEBUG --> load tasks ... nothing to do -> return
====
[05-Dec-2017 20:01:01] DEBUG --> load tasks ... nothing to do -> return
EDIT:
Just received another mail with:
An error occurred while updating Let's Encrypt certificates.
The following domains are affected:
Domain: www.meinedomain.de
Error: Invalid HTTP code "429" as response to CSR. Response: {"type":"urn:acme:error:rateLimited","detail":"Error creating new cert :: too many certificates already issued for exact set of domains: www.meinedomain.de","status":429}
Domain: meinedomain.de
Error: Invalid HTTP code "429" as response to CSR. Response: {"type":"urn:acme:error:rateLimited","detail":"Error creating new cert :: too many certificates already issued for exact set of domains: meinedomain.de","status":429}
That actually means that too many requests have piled up because of all my testing, right? And if so, what can I do about it?
Re: Let's Encrypt certificate
Let's Encrypt allows 20 requests per week per domain, if I remember correctly.
So you would have to wait a while here.
Martin
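To see which certificate requests the CA rejected, and for which domain set, the ERROR lines of a log like the one posted above can be parsed for the ACME problem document. This is an added example, not part of the original posts and not KeyHelp code; the line layout is taken from the excerpt, example.org is a constructed stand-in for the redacted domain, and a comma-separated domain list in the error detail is an assumption.

```python
import json
import re
from collections import defaultdict

# Constructed sample in the layout of the update.log excerpt; example.org replaces the redacted domain.
SAMPLE_LOG = '''\
[05-Dec-2017 19:55:03] DEBUG --> Sending signed request to "/acme/new-cert".
[05-Dec-2017 19:55:04] ERROR --> error while acquiring lets encrypt certificate for server services: Invalid HTTP code "429" as response to CSR. Response: {"type":"urn:acme:error:rateLimited","detail":"Error creating new cert :: too many certificates already issued for exact set of domains: example.org","status":429}
[05-Dec-2017 19:55:04] ERROR --> missing certificate component for realm "panel" (complete file: "/etc/ssl/keyhelp/letsencrypt/keyhelp/example.org/complete.pem"
[05-Dec-2017 19:59:08] ERROR --> Apache: a lets encrypt error occurred: Invalid HTTP code "429" as response to CSR. Response: {"type":"urn:acme:error:rateLimited","detail":"Error creating new cert :: too many certificates already issued for exact set of domains: example.org","status":429}
'''

LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\]\s+(?P<level>[A-Z]+)\s+-->\s+(?P<msg>.*)$')
RESPONSE_RE = re.compile(r'Response:\s*(\{.*\})\s*$')
DOMAINS_RE = re.compile(r'exact set of domains:\s*(.+)$')

def acme_errors(log_text):
    """Return one dict per ERROR line that carries an ACME JSON problem document."""
    found = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group('level') != 'ERROR':
            continue
        body = RESPONSE_RE.search(m.group('msg'))
        if not body:
            continue  # follow-on error without a CA response ("missing certificate component")
        try:
            problem = json.loads(body.group(1))
        except ValueError:
            continue  # truncated or mangled JSON: skip rather than guess
        # Assumption: several names in the detail text are separated by commas.
        d = DOMAINS_RE.search(problem.get('detail', ''))
        domains = tuple(sorted(x.strip() for x in d.group(1).split(','))) if d else ()
        found.append({'ts': m.group('ts'), 'type': problem.get('type'),
                      'status': problem.get('status'), 'domains': domains})
    return found

def rate_limited_sets(log_text):
    """Map each rate-limited domain set to the timestamps of its rejected requests."""
    hits = defaultdict(list)
    for e in acme_errors(log_text):
        if e['status'] == 429 and e['type'] == 'urn:acme:error:rateLimited':
            hits[e['domains']].append(e['ts'])
    return dict(hits)

if __name__ == '__main__':
    for domains, stamps in rate_limited_sets(SAMPLE_LOG).items():
        print(', '.join(domains), '->', len(stamps), 'rejected request(s), first at', stamps[0])
```

Grouping by the exact domain set mirrors the wording of the error detail, so separate failures for the panel certificate and the vhost certificate show up under the same key when they request the same names.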
Re: Let's Encrypt certificate
Alexander Mahr