I am seeing errors on letsencrypt
I am having more and more domains, over different servers, going into 'negative days to renewal' if you look at the number of days for renewal.
The latest ./build letsencrypt does not download a new version of scripts/letsencrypt.sh
The letsencrypt.sh script which was downloaded Feb 7 with version 2.0.32 is working. (and found one on Feb 6)
$ ll scripts/letsencrypt.sh
-rwx------ 1 diradmin diradmin 27749 Feb 7 05:40 scripts/letsencrypt.sh
$ head scripts/letsencrypt.sh
#!/bin/bash
#VERSION=2.0.32
# This script is written by Martynas Bendorius and DirectAdmin
The letsencrypt.sh script which was downloaded Feb 15 has no version number (and does not work as expected)
-rwxr-xr-x 1 root root 22784 Feb 15 09:53 ../scripts/letsencrypt.sh
Note: today I installed a DA box, and this is the file (just installed hours ago):
# ll scripts/letsencrypt.sh
-rwxr-xr-x 1 root root 22784 Feb 15 04:03 scripts/letsencrypt.sh
[root@217-182-193-117 directadmin]# head -5 scripts/letsencrypt.sh
#!/bin/bash
if [ "$(id -u)" != "0" ]; then
As you can see, no version number.
Output when we request a simple domain and www.domain certificate:
(note: acme urls are fake, anonymized)
When I do ./build letsencrypt I see:
download_cached: using cached '/usr/local/directadmin/custombuild/cache/lego_v4.14.2-SNAPSHOT-cd63b325_linux_amd64.tar.gz' file
lego
######################################################################## 100.0%
Lego 4.14.2-SNAPSHOT-cd63b325 Installed.
Same output if I do ./build lego.
(I also emptied the cache, but to no avail).
NOTE: lego is okay, and not 'the problem'. It is the script letsencrypt.sh.
I looked (in evo skin) to choose for 'versions' of letsencrypt, but I can not choose an older version there, letsencrypt is not even shown there ( /evo/admin/custombuild/customize-versions ).
I know I can manually overwrite letsencrypt.sh with a version from https://files.directadmin.com/services/all/letsencrypt/
But strange enough I am not able to find version 2.0.32 there.
I will keep using VERSION 2.0.32. But I assume it will get overwritten by a next update of DA. I hope they read this thread and it gets repaired soon.
it would be nice if the POST THREAD button had a checkbox [x] notify directadmin, this is a system problem. But they would get too many notifications I guess.
Anyone having this same problem: please contact DA. I am using the older version and have no helpdesk access. They do PM me though when needed, which is good.
I am having more and more domains, over different servers, going into 'negative days to renewal' if you look at the number of days for renewal.
The latest ./build letsencrypt does not download a new version of scripts/letsencrypt.sh
The letsencrypt.sh script which was downloaded Feb 7 with version 2.0.32 is working. (and found one on Feb 6)
$ ll scripts/letsencrypt.sh
-rwx------ 1 diradmin diradmin 27749 Feb 7 05:40 scripts/letsencrypt.sh
$ head scripts/letsencrypt.sh
#!/bin/bash
#VERSION=2.0.32
# This script is written by Martynas Bendorius and DirectAdmin
The letsencrypt.sh script which was downloaded Feb 15 has no version number (and does not work as expected)
-rwxr-xr-x 1 root root 22784 Feb 15 09:53 ../scripts/letsencrypt.sh
Note: today I installed a DA box, and this is the file (just installed hours ago):
# ll scripts/letsencrypt.sh
-rwxr-xr-x 1 root root 22784 Feb 15 04:03 scripts/letsencrypt.sh
[root@217-182-193-117 directadmin]# head -5 scripts/letsencrypt.sh
#!/bin/bash
if [ "$(id -u)" != "0" ]; then
As you can see, no version number.
Output when we request a simple domain and www.domain certificate:
Code:
Cannot Execute Your Request
Details
ss: unrecognized option '--no-header'
Usage: ss [ OPTIONS ]
ss [ OPTIONS ] [ FILTER ]
-h, --help this message
-V, --version output version information
-n, --numeric don't resolve service names
-r, --resolve resolve host names
-a, --all display all sockets
-l, --listening display listening sockets
-o, --options show timer information
-e, --extended show detailed socket information
-m, --memory show socket memory usage
-p, --processes show process using socket
-i, --info show internal TCP information
-s, --summary show socket usage summary
-b, --bpf show bpf filter socket information
-Z, --context display process SELinux security contexts
-z, --contexts display process and socket SELinux security contexts
-N, --net switch to the specified network namespace name
-4, --ipv4 display only IP version 4 sockets
-6, --ipv6 display only IP version 6 sockets
-0, --packet display PACKET sockets
-t, --tcp display only TCP sockets
-S, --sctp display only SCTP sockets
-u, --udp display only UDP sockets
-d, --dccp display only DCCP sockets
-w, --raw display only RAW sockets
-x, --unix display only Unix domain sockets
-f, --family=FAMILY display sockets of type FAMILY
-A, --query=QUERY, --socket=QUERY
QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink}[,QUERY]
-D, --diag=FILE Dump raw information about TCP sockets to FILE
-F, --filter=FILE read filter information from FILE
FILTER := [ state STATE-FILTER ] [ EXPRESSION ]
STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}
TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listen|closing}
connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
bucket := {syn-recv|time-wait}
big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listen|closing}
2024/02/15 21:40:34 [INFO] [mydomain.com, www.mydomain.com] acme: Obtaining SAN certificate
2024/02/15 21:40:35 [INFO] [mydomain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3156876654565
2024/02/15 21:40:35 [INFO] [www.mydomain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3457765157656
2024/02/15 21:40:35 [INFO] [mydomain.com] acme: Could not find solver for: tls-alpn-01
2024/02/15 21:40:35 [INFO] [mydomain.com] acme: use http-01 solver
2024/02/15 21:40:35 [INFO] [www.mydomain.com] acme: Could not find solver for: tls-alpn-01
2024/02/15 21:40:35 [INFO] [www.mydomain.com] acme: use http-01 solver
2024/02/15 21:40:35 [INFO] [mydomain.com] acme: Trying to solve HTTP-01
2024/02/15 21:40:35 [INFO] [www.mydomain.com] acme: Trying to solve HTTP-01
2024/02/15 21:40:36 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3157676654565
2024/02/15 21:40:36 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3457765185656
2024/02/15 21:40:36 Could not obtain certificates:
error: one or more domains had a problem:
[mydomain.com] [mydomain.com] acme: error presenting token: could not start HTTP server for challenge: listen tcp :80: bind: address already in use
[www.mydomain.com] [www.mydomain.com] acme: error presenting token: could not start HTTP server for challenge: listen tcp :80: bind: address already in use
Failed to issue new certificate
(note: acme urls are fake, anonymized)
When I do ./build letsencrypt I see:
download_cached: using cached '/usr/local/directadmin/custombuild/cache/lego_v4.14.2-SNAPSHOT-cd63b325_linux_amd64.tar.gz' file
lego
######################################################################## 100.0%
Lego 4.14.2-SNAPSHOT-cd63b325 Installed.
Same output if I do ./build lego.
(I also emptied the cache, but to no avail).
NOTE: lego is okay, and not 'the problem'. It is the script letsencrypt.sh.
I looked (in evo skin) to choose for 'versions' of letsencrypt, but I can not choose an older version there, letsencrypt is not even shown there ( /evo/admin/custombuild/customize-versions ).
I know I can manually overwrite letsencrypt.sh with a version from https://files.directadmin.com/services/all/letsencrypt/
But strange enough I am not able to find version 2.0.32 there.
I will keep using VERSION 2.0.32. But I assume it will get overwritten by a next update of DA. I hope they read this thread and it gets repaired soon.
it would be nice if the POST THREAD button had a checkbox [x] notify directadmin, this is a system problem. But they would get too many notifications I guess.
Anyone having this same problem: please contact DA. I am using the older version and have no helpdesk access. They do PM me though when needed, which is good.