Letsencrypt cert not being renewed. No error, just silently lapsing.

B

bokkepoot

Verified User
Joined
Jul 9, 2018
Messages
10
I have several domains that are using LE with autorenewal, but are not actually renewing :

Screenshot_2023-03-30_16-48-43.png


The data/users/user/domains/domain.cert.creation_time epoch is 1673654766 , so that' s indeed a bit in the past : Sat 14 Jan 2023

However, there are no error messages available even though those should be sent :

Code: 
grep lets conf/directadmin.conf
letsencrypt=1
letsencrypt_disable_renew_after_renew_failure=0
letsencrypt_renewal_days=75
letsencrypt_renewal_error_to_users=1
letsencrypt_renewal_failure_notice_after_attempt=5
letsencrypt_renewal_notice_to_admins=1
letsencrypt_renewal_success_notice=1
renew_letsencrypt_on_suspended_domain=0

When I manually trigger a renewal into the taskqueue , the domain does get renewed, as it should.
As such, I'm wondering if DA actually "sees" this domain as a potential renewal candidate.

Where/how does DA get its information on 'domains that need to be scanned for renewal' ?
 

Attachments

  • Screenshot_2023-03-30_16-48-43.png
    Screenshot_2023-03-30_16-48-43.png
    6.3 KB · Views: 79
Renewal date is 30-03, so maybe renewal was happening this night with the nightly tally (directadmin cron)

Also check this plugin

Plugin for LetsEncrypt domains overview

Plugin for easily displaying all domains on the server with active LetsEncrypt domains with the renewal dates. Is it free? Yes. Screenshot: Download & Installation: - Go to DirectAdmin Plugin Manager (as admin) - Install new plugin (from URL)...
forum.directadmin.com forum.directadmin.com
 
I see, renewal_days is not days left, but the age of the certificate. That would clear up things, thanks!
 
You must log in or register to reply here.
Back
Top