DirectAdmin 1.50.0 has been released

donkeyKICK

Verified User
Joined
Jul 24, 2007
Messages
416
Oh, wow! I didn't even know there was a pre-release thing.

Thank you for turning me on to this. Perfect!
 

ZipperZapper

Verified User
Joined
Nov 30, 2015
Messages
111
Nginx restart is required since a cert renewal.

Directadmin is smart enough and does a test of the nginx configuration, if a test fails directadmin won't force to restart nginx. If directadmin would not check nginx configuration and force restarting, then nginx would not simply start and you would get you web-server down.

If you see an old cert in a browser, when you are 100% sure that the cert was renewed...
If a site with a newly subdomain or domain shows a blank page with "Nginx is functioning normally" instead of expected content... then it would mean that nginx was not restarted.



Actually you have 3 options:

1. install pre-release binary
2. manual renew through directadmin interface per domain
3. for bulk updates use the guide in the post #203
Bit confused by your answer, where did the part about Nginx came from? My certs begin to expire one by one, DirectAdmin didn't replace them although it send me mails it did renew the certs. Nginx had been restarted a few times since that mail, so there wasn't a problem with nginx?

I will try that pre-release thing and hope it will fix it for the future. As I had to act very quickly, I just manually renewed all the certs from the DirectAdmin panel yesterday.

I really do think the DirectAdmin crew has to post some sort of warning about this. People do think the certs are renewed just fine, because it said so in the mail, but it won't work. People need to be made aware of this, because sites will trow certificate-errors, which isn't what you want.

Edit
I can't use the pre-release thing, because I can't login to that Client-page. Bought my license through a hosting company in the Netherlands.
 
Last edited:

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,089
Location
GMT +7.00
Bit confused by your answer, where did the part about Nginx came from? My certs begin to expire one by one, DirectAdmin didn't replace them although it send me mails it did renew the certs. Nginx had been restarted a few times since that mail, so there wasn't a problem with nginx?
Are you sure that Directadmin renewed your cert? What time of modification do you see on the files with cert? Are you sure that you restarted nginx? Did you do it in console?

What do you see with
Code:
nginx -t
?

I can't use the pre-release thing, because I can't login to that Client-page. Bought my license through a hosting company in the Netherlands.
Open a ticket with directadmin support then.
 

Frej

Verified User
Joined
Jun 15, 2008
Messages
156
when you go to pre release how do you go back to normal versions?
 

ZipperZapper

Verified User
Joined
Nov 30, 2015
Messages
111
Are you sure that Directadmin renewed your cert?
I never said I did. The only things I do know:

- Ten days ago I received a message in the mail/ticketsystem saying my cert was succesfully renewed;
- I was happy it worked and forget to check the dates on the cert in the browser to see if it was indeed renewed and applied or not
- A few days ago that certificate expired, so my browser blocked access to that site showing the 'unsafe site' message we all know. So the automatic renewing and installing of the cert failed somewhere in the proces. Don't know which one of the two.
- I fixed it quickly by manualy creating new certs for all my websites in the control panel
- Went looking on the Forum if this problem was known. Which seems to be the case, but still no official fix pushed out.

And yes, I'm very, very, sure Nginx restarted in the days that went by between the message in the ticket system and the day the cert actually expired. The whole server was even rebooted a few times, for other reasons.

As said I manually recreated all my certs now so I have 90 days to go again to wait for the official fix.
 
Last edited:

Cyberdevil

Verified User
Joined
Sep 16, 2007
Messages
40
For some reason, this line of the script fails: CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*"type":"http-01"[^}]*'`"

If I try the egrep in command line, it shows that the line is not correct:
/usr/local/directadmin/scripts/letsencrypt.sh request somedomain.be 4096 | egrep -o '{[^{]*"type":"http-01"[^}]*'`"
>
Any ideas?
 

Cyberdevil

Verified User
Joined
Sep 16, 2007
Messages
40

redjersey

Verified User
Joined
Apr 22, 2013
Messages
93
Location
Toronto, Canada
Also have the same problem... all of my certs are now expired!

So when will DA release the stabled version? Not sure if I should just install the pre-release version or just wait for a few more days.
 

ZipperZapper

Verified User
Joined
Nov 30, 2015
Messages
111
There is no need to install the pre-release. The problem is fixed by changing one line of code, instructions here: http://forum.directadmin.com/showthread.php?t=53238&p=273107#post273107
They say Let's Encrypt was marked as a BETA-feature, that's why they don't want to push out an update just for this. I think they could have done it looking at the scale on which it's used, but okay, I respect their decision. At least an easy fix is published now.
 

redjersey

Verified User
Joined
Apr 22, 2013
Messages
93
Location
Toronto, Canada
There is no need to install the pre-release. The problem is fixed by changing one line of code, instructions here: http://forum.directadmin.com/showthread.php?t=53238&p=273107#post273107
They say Let's Encrypt was marked as a BETA-feature, that's why they don't want to push out an update just for this. I think they could have done it looking at the scale on which it's used, but okay, I respect their decision. At least an easy fix is published now.
Thanks, I have changed the line. How to renew the certs as for now all of my certs are expired?

I have run:
./letsencrypt.sh renew mydomain.com 4096

and I got the message saying that Certificate for mydomain.com has been created successfully!

but it's not?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,751
Location
LT, EU
Thanks, I have changed the line. How to renew the certs as for now all of my certs are expired?

I have run:
./letsencrypt.sh renew mydomain.com 4096

and I got the message saying that Certificate for mydomain.com has been created successfully!

but it's not?
I'd suggest using command mentioned in https://www.directadmin.com/features.php?id=1828:
Code:
echo "action=rewrite&value=letsencrypt" >> /usr/local/directadmin/data/task.queue
 

redjersey

Verified User
Joined
Apr 22, 2013
Messages
93
Location
Toronto, Canada
Don't know about that. I just do it in the control panel.
No. If I do this using the control panel, I'm actually installing a new one, not renewing it.

@smtalk it's not working. I have run the ./letsencrypt.sh mydomain.ext 4096 after getting the successfully message, I run the

echo "action=rewrite&value=letsencrypt" >> /usr/local/directadmin/data/task.queue

and it's still not renewing. Am I missing something?
 

ZipperZapper

Verified User
Joined
Nov 30, 2015
Messages
111
No. If I do this using the control panel, I'm actually installing a new one, not renewing it.
Why is that a problem? Fixes your current issue of expired certs immediately and gives you 90 days to fix the bigger problem with renewing.
 
Top