Problem with Certificate Auto Renew Let's Encrypt

Hello,

Try and check directadmin logs and system messages, they should give clues on why automatic renewal fails.
 
The system messages have no info about SSL.
Which log exactly? Error Log, Cron Log..?
 
If Directadmin fails to renew a cert, admins get notified about it via system messages and by email.

Check /var/log/directadmin/ for clues.

Reset creation time to 0 in the files or selectively per domain:

/usr/local/directadmin/data/users/*/domains/*.cert.creation_time

and run a process in a debug mode:



Code:
echo "action=rewrite&value=letsencrypt" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d800
 
I do not see any info in the logs about SSL; maybe I'm going to wait until 30 May.
In the domains/*.cert.creation_time there is on file 'cert.creation_time'. I do not know how to reset the creation time to 0.


Debug mode. Level 800

root priv set: uid:0 gid:0 euid:0 egid:0
pidfile written
starting queue
dataskq: command: action=rewrite&value=letsencrypt
done queue


Edit: OK, I found *.cert.creation_time. Do I need to open it and change it to 0?
 
The second command should be executed now; it makes no sense to run it without first resetting the creation time.

 
Sorry, I am not an expert in DA :) I get now:


root priv set: uid:0 gid:0 euid:0 egid:0
pidfile written
starting queue
dataskq: command: action=rewrite&value=letsencrypt
done queue
 
expected reply:

Code:
Debug mode. Level 800


root priv set: uid:0 gid:0 euid:0 egid:0
pidfile written
starting queue
dataskq: command: action=rewrite&value=letsencrypt
LetsEncrypt renewal on domain.com has succeeded. Not sending a notice.
done queue

Change time to 100 instead of 0, otherwise it will give

Code:
Unable to read the time from the string '0' from the file /usr/local/directadmin/data/users/userbob/domains/domain.com.cert.creation_time

and try the same.

+ Then post here in text results from

Code:
/usr/local/directadmin/directadmin c | grep letsencrypt
 
letsencrypt=1
letsencrypt_renewal_days=60
letsencrypt_max_requests_per_week=20
letsencrypt_multidomain_cert=2
letsencrypt_renewal_success_notice=0
renew_letsencrypt_on_suspended_domain=0
letsencrypt_list=www:mail:ftp:pop:smtp
letsencrypt_list_selected=www
 
Contact Directadmin developers for a possibly free audit on your server, or me for paid support.
 
I asked DA Support: "So I'd recommend changing your hostname to be something like: server.domain.com". Now it is domain.com.
https://help.directadmin.com/item.php?id=405

But when I do this, domain.com does not work; I get
"DNS_PROBE_FINISHED_NXDOMAIN"

MX, A records exist
I have Local Data: NO, hmm..

I don't understand step 2. Do I have to add named_rename_hostname_zone=1 to directadmin.conf?
DA does not work either, nor webmail, but the subdomain (demo) works well.


Thanks
 
If you changed your domain name or hostname, make sure you still have the correct DNS zone and records.

Kindly provide a real domain name if you need more detailed help.
 
server.web-komp.eu, and web-komp.eu resolve fine.

Directadmin is not accessible. What error do you see in Directadmin logs under /var/log/directadmin/?

I could fix it for you quickly; if you want, contact me privately for paid support. It is OK if we proceed here, and it might take a while to check/test/fix.
 
Now it seems to work well. I will let you know if SSL auto-renew does not work correctly. Is there any possible way to check earlier? Now I need to wait 14 days :|
 
Directadmin starts attempts to renew existing certs 30 days before their expiration date. So you have to wait 59-60 days, unless you reset the creation time stored in *.cert.creation_time to 100, for example, or another value (do not set it to zero though).
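
The timing rule described in the post above can be checked ahead of time. The following script is an added example, not code from the thread or from DirectAdmin; it assumes each *.cert.creation_time file holds a single Unix epoch timestamp in seconds, and the function names `renewal_status` and `scan_users` are hypothetical.

```shell
#!/bin/sh
# Added example, not DirectAdmin code. Assumption: each *.cert.creation_time
# file holds one Unix epoch timestamp in seconds.

# renewal_status FILE RENEWAL_DAYS [NOW_EPOCH]
# Prints "due", "not_due <days_left>" or "invalid".
renewal_status() {
    file=$1; days=$2; now=${3:-$(date +%s)}
    # First line only, with whitespace and CR removed.
    created=$(head -n 1 "$file" 2>/dev/null | tr -d '[:space:]')
    case $created in
        ''|*[!0-9]*) echo invalid; return 0 ;;
    esac
    # Drop leading zeros so the shell does not parse the value as octal.
    created=${created#"${created%%[!0]*}"}
    # Nothing left means the value was 0, which the thread reports as unreadable.
    [ -n "$created" ] || { echo invalid; return 0; }
    age_days=$(( (now - created) / 86400 ))
    if [ "$age_days" -ge "$days" ]; then
        echo due
    else
        echo "not_due $(( days - age_days ))"
    fi
}

# scan_users DATA_DIR RENEWAL_DAYS [NOW_EPOCH]
# Prints one "<status> <file>" line per creation_time file found.
scan_users() {
    for f in "$1"/*/domains/*.cert.creation_time; do
        [ -e "$f" ] || continue
        printf '%s %s\n' "$(renewal_status "$f" "$2" "$3")" "$f"
    done
}

# Demo on constructed sample data in a temporary directory.
demo=$(mktemp -d)
mkdir -p "$demo/userbob/domains"
echo 100 > "$demo/userbob/domains/domain.com.cert.creation_time"
echo 0 > "$demo/userbob/domains/other.example.cert.creation_time"
scan_users "$demo" 60
rm -rf "$demo"
```

On a server, `scan_users /usr/local/directadmin/data/users 60` uses the data path and the letsencrypt_renewal_days value shown earlier in the thread.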
 
Try

Code:
echo $(hostname -f) >> /etc/virtual/domainowners

and request a cert for your hostname
 