Let's Encrypt takes a long time

Nickske00

Verified User
Joined
Nov 30, 2015
Messages
30
Hi,

I have a fresh CentOS 8 server here, installed DA last weekend. One thing I noticed is that it takes a long time to request a Let's Encrypt certificate.

Code:
Log: /var/log/directadmin/system.log
2020:04:28-11:18:09: LetsEncrypt(23383): /usr/local/directadmin/scripts/letsencrypt.sh request 'XXX' 4096 /usr/local/directadmin/data/users/XX/domains/XXX.ssltmpfAbrIO /var/www/html
2020:04:28-11:25:29: LetsEncrypt(23383): exit code: 0 for domain='XXX'

I removed the domain and user ;) But it's the third certificate I requested, and every time it took this long to complete. Are there any other logs I can look into as to why it takes so long? On my CentOS 7 servers the request is almost instantly finished...

This isn't a priority, because it's working, but maybe if someone from DA stumbles on this they can see if they can replicate this behaviour. ;)
 

Nickske00

Look at the two log lines ;)
Start: 2020:04:28-11:18:09
End: 2020:04:28-11:25:29

So a little more than 7 minutes. ;)
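
The same start/end calculation can be automated over a whole system.log. This is an added example, not part of the thread's posts: it pairs each `letsencrypt.sh request` line with its `exit code` line by the PID in `LetsEncrypt(...)` and reports the elapsed seconds. The function names, the sample domains and the 60-second default threshold (chosen to match the `timeout=60` seen in error.log further down the thread) are assumptions.

```python
import re
from datetime import datetime

# Constructed sample in the system.log format quoted in the thread
# (domain, user and temp-file names are placeholders).
SAMPLE_LOG = """\
2020:04:28-11:18:09: LetsEncrypt(23383): /usr/local/directadmin/scripts/letsencrypt.sh request 'example.com' 4096 /usr/local/directadmin/data/users/user1/domains/example.com.ssltmpAAAAAA /var/www/html
2020:04:28-11:25:29: LetsEncrypt(23383): exit code: 0 for domain='example.com'
2020:04:28-12:00:01: LetsEncrypt(24001): /usr/local/directadmin/scripts/letsencrypt.sh request 'fast.example' 4096 /usr/local/directadmin/data/users/user2/domains/fast.example.ssltmpBBBBBB /var/www/html
2020:04:28-12:00:09: LetsEncrypt(24001): exit code: 0 for domain='fast.example'
2020:04:28-12:30:00: LetsEncrypt(24500): /usr/local/directadmin/scripts/letsencrypt.sh request 'hung.example' 4096 /usr/local/directadmin/data/users/user3/domains/hung.example.ssltmpCCCCCC /var/www/html
"""

LINE = re.compile(r"^(\d{4}:\d{2}:\d{2}-\d{2}:\d{2}:\d{2}): LetsEncrypt\((\d+)\): (.*)$")
START = re.compile(r"letsencrypt\.sh request '([^']*)'")
END = re.compile(r"exit code: (-?\d+) for domain='([^']*)'")

def request_durations(log_text):
    """Pair start/exit lines by PID. Returns (finished, unfinished_domains)."""
    pending, finished = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not a LetsEncrypt line
        ts = datetime.strptime(m.group(1), "%Y:%m:%d-%H:%M:%S")
        pid, msg = m.group(2), m.group(3)
        start = START.search(msg)
        end = END.search(msg)
        if start:
            pending[pid] = (start.group(1), ts)
        elif end and pid in pending:
            domain, started = pending.pop(pid)
            secs = int((ts - started).total_seconds())
            finished.append((domain, int(end.group(1)), secs))
    # Requests with no exit line yet (still running or killed)
    return finished, [d for d, _ in pending.values()]

def slow_requests(log_text, threshold=60):
    """Finished requests that took longer than `threshold` seconds."""
    finished, _ = request_durations(log_text)
    return [(d, secs) for d, _, secs in finished if secs > threshold]

if __name__ == "__main__":
    done, hung = request_durations(SAMPLE_LOG)
    for domain, code, secs in done:
        print(f"{domain}: exit {code} after {secs}s")
    print("no exit line:", hung)
```
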
 

JohnyByk

Verified User
Joined
Mar 7, 2012
Messages
236
I have the same issue, but not exactly - after a few minutes, generating the certificate ends with an error:
Code:
YOUR CONNECTION HAS TIMED OUT
Either your request was invalid or the program hasn't completed your request.
Please notify the server admin

/var/log/directadmin/error.log
Code:
2020:07:14-17:33:10: Timeout (timeout=60) from 46.175.239.150 : last flagged: Ssl::use_letsencrypt:action='request': running: /usr/local/directadmin/scripts/letsencrypt.sh request 'domain.com' 4096 /usr/local/directadmin/data/users/johnybybk/domains/domain.com.ssltmpwXtAI9 /var/www/html : getDirFilesAndDirs(/usr/local/directadmin/plugins, *tlf, *tdlf, (null)) : done

The same for all users and domains.

Sometimes this also appears in this file:
Code:
2020:07:14-17:14:53: Ssl::getKeyBit: Error checking for key bit size:

How can I diagnose the reason for the issue?
Please help :)

Regards
 

JohnyByk

I found logs in /var/log/httpd/access_log

Code:
116.202.51.200 - - [15/Jul/2020:02:45:06 +0200] "GET /.well-known/acme-challenge/PI_CT1_7YUNRCZWHHPVLJ3A-4F9K1NRL HTTP/1.0" 404 481 "-" "Cpanel-HTTP-Client/1.0"
116.202.51.200 - - [15/Jul/2020:05:44:59 +0200] "GET /.well-known/acme-challenge/8_H2-B_QLEUGDHQ1L28J8XC6PIDXTAOK HTTP/1.0" 404 481 "-" "Cpanel-HTTP-Client/1.0"
116.202.51.200 - - [15/Jul/2020:08:45:14 +0200] "GET /.well-known/acme-challenge/39MVZXRR9I_177M1D-3V7VOU_ZX5XVG0 HTTP/1.0" 404 481 "-" "Cpanel-HTTP-Client/1.0"

Why is the status 404? The hashed file, for example 39MVZXRR9I_177M1D-3V7VOU_ZX5XVG0, doesn't exist in /home/username/domains/domain.com/public_html/.well-known/acme-challenge and this is probably the reason. Why was the file not created?

Any idea how to diagnose and solve this situation?
 

JohnyByk

How can I update letsencrypt to a higher version than 2.0.5? :)
Build shows 2.0.5 as latest.
 