Let's encrypt takes a long time

N

Nickske00

Verified User
Joined
Nov 30, 2015
Messages
89
Hi,

I have a fresh CentOS 8 server here, installed DA last weekend. One thing I noticed is it takes a long time to request a let's encrypt certificate.

Code: 
Log: /var/log/directadmin/system.log
2020:04:28-11:18:09: LetsEncrypt(23383): /usr/local/directadmin/scripts/letsencrypt.sh request 'XXX' 4096 /usr/local/directadmin/data/users/XX/domains/XXX.ssltmpfAbrIO /var/www/html
2020:04:28-11:25:29: LetsEncrypt(23383): exit code: 0 for domain='XXX'

I removed the domain and user ;) But it's the third certificate I requested, and every time it took this long to complete.. Are there any other logs I can look into as why it takes so long? On my CentOS 7 servers the request is almost instantly finished...

This isn't a priority, because it's working, but maybe if someone from DA stumbles on this they can see if they can replicate this behaviour. ;)
 
How long? Usually www.domain mail.domain domain (three items) takes about 8-10 sec at my servers. I'm using google DNS
 
Look at the two log lines ;)
Start: 2020:04:28-11:18:09
End: 2020:04:28-11:25:29

So a little more than 7 minutes. ;)
 
I have the same issue but not exactly - after few minutes generating certificate ends with error:
Code: 
YOUR CONNECTION HAS TIMED OUT
Either your request was invalid or the program hasn't completed your request.
Please notify the server admin

/var/log/directadmin/error.log
Code: 
2020:07:14-17:33:10: Timeout (timeout=60) from 46.175.239.150 : last flagged: Ssl::use_letsencrypt:action='request': running: /usr/local/directadmin/scripts/letsencrypt.sh request 'domain.com' 4096 /usr/local/directadmin/data/users/johnybybk/domains/domain.com.ssltmpwXtAI9 /var/www/html : getDirFilesAndDirs(/usr/local/directadmin/plugins, *tlf, *tdlf, (null)) : done

The same for all users and domains.

Sometimes in this files appear:
Code: 
2020:07:14-17:14:53: Ssl::getKeyBit: Error checking for key bit size:

How can i diagnose reason of the issue?
Please help :)

Regards
 
Last edited:
I found logs in /var/log/httpd/access_log

Code: 
116.202.51.200 - - [15/Jul/2020:02:45:06 +0200] "GET /.well-known/acme-challenge/PI_CT1_7YUNRCZWHHPVLJ3A-4F9K1NRL HTTP/1.0" 404 481 "-" "Cpanel-HTTP-Client/1.0"
116.202.51.200 - - [15/Jul/2020:05:44:59 +0200] "GET /.well-known/acme-challenge/8_H2-B_QLEUGDHQ1L28J8XC6PIDXTAOK HTTP/1.0" 404 481 "-" "Cpanel-HTTP-Client/1.0"
116.202.51.200 - - [15/Jul/2020:08:45:14 +0200] "GET /.well-known/acme-challenge/39MVZXRR9I_177M1D-3V7VOU_ZX5XVG0 HTTP/1.0" 404 481 "-" "Cpanel-HTTP-Client/1.0"

Why status is 404? Hashed file, for example 39MVZXRR9I_177M1D-3V7VOU_ZX5XVG0 dosen't exist in /home/username/domains/domain.com/public_html/.well-known/acme-challenge and probably this is reason. Why file was not created?

Any idea how to diagnose and solve this situation?
 
How can i update letsencrypt to higher version than 2.0.5? :)
Build shows 2.0.5 as latest.
 
You must log in or register to reply here.
Back
Top