FIXED: WARNING – Could not verify domain so excluding it from letsencrypt request

Posted on
FIXED! ISPConfig - WARNING - Could not verify domain so excluding it from letsencrypt request

Having problems with getting Let’s Encrypt SSL Certificates in your ISPConfigDomain?

Well, then you are not a lone and I will show you how you can fix that issue.

ISPConfig recently implemented a feature which checks if the Site you are requesting a domain for really exists. In my case, I was adding some alias domains to a existing site and was wondering why LE is not creating the SSL Certificate for it. Whatever I tried to do, I could not get it running.

Well, in this situation, one is checking the logfiles. But there was not a single hint in /var/log/letsencrypt/letsencrypt.log neither I found a hint in the syslog and also not in the apache logs. So I enabled debugging in ISPConfig and checked the log in: /var/log/ispconfig/ispconfig.log and every time I set the check mark for Let’s Encrypt SSL in the UI and saved it, this error message appeared in the logs:

WARNING - Could not verify domain so excluding it from letsencrypt request.
WARNING - Could not verify domain subB.domain.tld, so excluding it from letsencrypt request.
WARNING - Could not verify domain subC.domain.tld, so excluding it from letsencrypt request.
WARNING - Let's Encrypt SSL Cert for: sub.domain.tld could not be issued.

This doesn’t tell you where the issue is coming from, neither how you can fix it. I almost bursted and was half way shouting at my laptop.

So, the next thing you do, is to google the error message and see if you can find something. Well, I first bumped into this thread, LetsEncrypt on Debian Jessie + ISP3.12 – automatic fails, manually succeed and found the Post from Fabian, saying:

ISPConfig tries to connect to each site before getting a cert for the domain. If your could not connect to the domain, this domain will be excluded. It seems, that this not working very well on all systems (we already discussed this).

and provided a fix for the nginx_plugin.inc.php and apache2_plugin.inc.php

On my way to find the lines in the config files, I yelled the hell out of my laptop, because I couldn’t find them. Well, the post is from March 2017. Since then they have pushed some updates, and things might have changed.

The next solution I found was on LE: Could not verify domain and there I found the hint to fix the issue.

To fix that problem, you have to enable “Skip Lets Encrypt Check”

In your ISPConfig Settings, click Save, wait for it to apply, and then go ahead and get your certificates!

Related Articles
Und im letzten Teil dieser Anleitung, wird Postfix und Dovecot als Mail Server aufgesetzt. Fail2Ban sichert hier gegen massenhafte Passwort eingaben, Let's Encrypt liefert das Read more
Dieser Teil der Anleitung beinhaltet die Installation des MariaDB Datenbank Servers. Auch hier wird ISPConfig mit Installiert.
Teil 4 der Anleitung umfasst die Installation des sekundären DNS Servers (NS2) auch hier wird das ganze Setup mit ISPConfig abgeschlossen.
In diesem Teil der Anleitung wird der NS1 installiert. Auch hier wird ISPConfig installiert und konfiguriert.
Teil 2 des ISPConfig Multi Server Setups. In diesem Teil wird der Apache Webserver installiert, die Datenbanken werden eingerichtet, Roundcube und phpMyAdmin werden eingestellt. Fail2Ban Read more

3 thoughts on “FIXED: WARNING – Could not verify domain so excluding it from letsencrypt request

  1. It worked!
    After checking the “Skip Lets Encrypt Check” checkbox, the certificate was finally generated, thanks!

    1. Welcome!

      I’m glad it was helpful.

  2. Thanks a million! you saved me from re-creating many vhosts or re-installing the server altogether! 😉

Leave a Comment / What do you think?

Your email address will not be published. Required fields are marked *