DirectAdmin 1.50.0 has been released

[zEitEr]

So, how do I get the updated script?

http://help.directadmin.com/item.php?id=408

 

[donkeyKICK]

Oh, wow! I didn't even know there was a pre-release thing.

Thank you for turning me on to this. Perfect!

 

[ZipperZapper]

Nginx restart is required since a cert renewal.

Directadmin is smart enough and does a test of the nginx configuration, if a test fails directadmin won't force to restart nginx. If directadmin would not check nginx configuration and force restarting, then nginx would not simply start and you would get you web-server down.

If you see an old cert in a browser, when you are 100% sure that the cert was renewed...
If a site with a newly subdomain or domain shows a blank page with "Nginx is functioning normally" instead of expected content... then it would mean that nginx was not restarted.



Actually you have 3 options:

1. install pre-release binary
2. manual renew through directadmin interface per domain
3. for bulk updates use the guide in the post #203

Bit confused by your answer, where did the part about Nginx came from? My certs begin to expire one by one, DirectAdmin didn't replace them although it send me mails it did renew the certs. Nginx had been restarted a few times since that mail, so there wasn't a problem with nginx?

I will try that pre-release thing and hope it will fix it for the future. As I had to act very quickly, I just manually renewed all the certs from the DirectAdmin panel yesterday.

I really do think the DirectAdmin crew has to post some sort of warning about this. People do think the certs are renewed just fine, because it said so in the mail, but it won't work. People need to be made aware of this, because sites will trow certificate-errors, which isn't what you want.

Edit
I can't use the pre-release thing, because I can't login to that Client-page. Bought my license through a hosting company in the Netherlands.

 

[zEitEr]

Bit confused by your answer, where did the part about Nginx came from? My certs begin to expire one by one, DirectAdmin didn't replace them although it send me mails it did renew the certs. Nginx had been restarted a few times since that mail, so there wasn't a problem with nginx?

Are you sure that Directadmin renewed your cert? What time of modification do you see on the files with cert? Are you sure that you restarted nginx? Did you do it in console?

What do you see with

nginx -t

?

I can't use the pre-release thing, because I can't login to that Client-page. Bought my license through a hosting company in the Netherlands.

Open a ticket with directadmin support then.

 

[Frej]

when you go to pre release how do you go back to normal versions?

 

[zEitEr]

http://help.directadmin.com/item.php?id=29

 

[ZipperZapper]

Are you sure that Directadmin renewed your cert?

I never said I did. The only things I do know:

- Ten days ago I received a message in the mail/ticketsystem saying my cert was succesfully renewed;
- I was happy it worked and forget to check the dates on the cert in the browser to see if it was indeed renewed and applied or not
- A few days ago that certificate expired, so my browser blocked access to that site showing the 'unsafe site' message we all know. So the automatic renewing and installing of the cert failed somewhere in the proces. Don't know which one of the two.
- I fixed it quickly by manualy creating new certs for all my websites in the control panel
- Went looking on the Forum if this problem was known. Which seems to be the case, but still no official fix pushed out.

And yes, I'm very, very, sure Nginx restarted in the days that went by between the message in the ticket system and the day the cert actually expired. The whole server was even rebooted a few times, for other reasons.

As said I manually recreated all my certs now so I have 90 days to go again to wait for the official fix.

 

[Cyberdevil]

For some reason, this line of the script fails: CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*"type":"http-01"[^}]*'`"

If I try the egrep in command line, it shows that the line is not correct:

/usr/local/directadmin/scripts/letsencrypt.sh request somedomain.be 4096 | egrep -o '{[^{]*"type":"http-01"[^}]*'`"
>

Any ideas?

 

[Cyberdevil]

For some reason, this line of the script fails: CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*"type":"http-01"[^}]*'`"

If I try the egrep in command line, it shows that the line is not correct:


Any ideas?

This solved it for me: http://forum.directadmin.com/showthread.php?t=53238&p=273107#post273107
Strange that there is a known fix but isn't pushed to the stable release Just my 2 cents.

 

[redjersey]

Also have the same problem... all of my certs are now expired!

So when will DA release the stabled version? Not sure if I should just install the pre-release version or just wait for a few more days.

 

[ZipperZapper]

There is no need to install the pre-release. The problem is fixed by changing one line of code, instructions here: http://forum.directadmin.com/showthread.php?t=53238&p=273107#post273107
They say Let's Encrypt was marked as a BETA-feature, that's why they don't want to push out an update just for this. I think they could have done it looking at the scale on which it's used, but okay, I respect their decision. At least an easy fix is published now.

 

[redjersey]

There is no need to install the pre-release. The problem is fixed by changing one line of code, instructions here: http://forum.directadmin.com/showthread.php?t=53238&p=273107#post273107
They say Let's Encrypt was marked as a BETA-feature, that's why they don't want to push out an update just for this. I think they could have done it looking at the scale on which it's used, but okay, I respect their decision. At least an easy fix is published now.

Thanks, I have changed the line. How to renew the certs as for now all of my certs are expired?

I have run:
./letsencrypt.sh renew mydomain.com 4096

and I got the message saying that Certificate for mydomain.com has been created successfully!

but it's not?

 

[ZipperZapper]

Don't know about that. I just do it in the control panel.

 

[smtalk]

Thanks, I have changed the line. How to renew the certs as for now all of my certs are expired?

I have run:
./letsencrypt.sh renew mydomain.com 4096

and I got the message saying that Certificate for mydomain.com has been created successfully!

but it's not?

I'd suggest using command mentioned in https://www.directadmin.com/features.php?id=1828:

echo "action=rewrite&value=letsencrypt" >> /usr/local/directadmin/data/task.queue

 

[redjersey]

Don't know about that. I just do it in the control panel.

No. If I do this using the control panel, I'm actually installing a new one, not renewing it.

@smtalk it's not working. I have run the ./letsencrypt.sh mydomain.ext 4096 after getting the successfully message, I run the

echo "action=rewrite&value=letsencrypt" >> /usr/local/directadmin/data/task.queue

and it's still not renewing. Am I missing something?

 

[ZipperZapper]

No. If I do this using the control panel, I'm actually installing a new one, not renewing it.

Why is that a problem? Fixes your current issue of expired certs immediately and gives you 90 days to fix the bigger problem with renewing.