-
-
Notifications
You must be signed in to change notification settings - Fork 455
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem renewing letsencrypt certificates (just doesnt even try) #1135
Comments
Did you try running https://docs.froxlor.org/latest/admin-guide/cli-scripts/#validate-acme-webroot to check if the acme.sh configs are up-to-date with the new path |
Just done that and it reports
several dozen times and still same issue if i then again blank the validtodate field and the cron job then runs and requests a certificate. then rerunning the validate-acme-webroot lists an entry with getting info for and the domain name that i just blanked the field for |
Yes, there is still a bug here. You may have a domain where the certificate cannot be renewed and then the whole process will stop working after a short time until you have identified the defective domain. Make a database query which domain either has an expired certificate or could not generate one maybe : #1035 |
Describe the bug
A clear and concise description of what the bug is.
Upgraded from froxlor 0.10.x in Mid march. This was also a new server. process was create new server, shutdown old system, sync files and copy database to new machine. installed the froxlor deb package, did update steps, change php version etc. All been working ok for last few months
I have a few 'dead' domains that need removing, but are deactivated.
I havent had any letsencrypt auto update since the update. I currently have many >20 that are expired including the panel vhost.
I run
if i run it with a -f
I then get extra in output
I have found that if I do the following it gets it to create a certificate
in mysql erase the validtodate in the table with
It seems that the acme.sh script that gets installed in roots home doesnt have the domains except the ones Ive managed to wipe the valid date in the database, should it?
As said Ive had it regenerate them for a couple of urgent domains, but left it for others so that I can assist in resolving this.
Is there a step in an upgrade step that I have missed?
Will this renew correctly in July? when next due?
System information
To Reproduce
Steps to reproduce the behavior:
Happy to give mysql data etc to duplicate but as production system cant just wipe froxlor and redo so not sure how to describe further to allow 'reproducing'
settings for ssl
key size 4096
not ecc/ecdsa
had reuse certificates on and tried off
validate dns names is off
path to acme.sh: /root/.acme.sh/acme.sh
path to acme snippet: /etc/apache2/conf-enabled/acme.conf
acme environment letsencrypt live
path for letsencrypt challenges: /var/www/html/froxlor
Expected behavior
Lets Encrypt certificates to not expire but renew
The text was updated successfully, but these errors were encountered: