LetsEncrypt Issue

Thank you so much, I just downgrade to 1.1.25 and it work again, Thank you so much
 
Thanks, Richard G, I just try 1.1.32 but still same, so I downgrade back to 1.1.25, I will use it until they fix this problem, Thanks
 
This is not releated to the problems some users has in this thread, but I would like to point out that it is a good idea to monitor Let's Encrypt status page at https://letsencrypt.status.io - currently there is a active issue from October 3 wich is still not resolved, wich could give timeouts. Look under the heading "Timeouts Accessing Some API Endpoints"
 
@Ditto: Thank you, good tip! This explains some timeouts I was having on other domains. I didn't care because they worked a day later. But it's always good to have a place to check things.

@glio: You might consider sending in a ticket about that issue.
 
Maybe could they just add option for us? 2 option :1. the old way just like before 1.1.25 2.the new way, add "pre_check"
so we can choice which one we are working to use and everyone will be happy.
 
Only @Smtalk can answer that I guess. I presume there is a good reason for changing the way this works, maybe the old way will be deprecated in the future or it's done to prevent running in to limits or other error notices? I don't know.
If it could be done it would be nice indeed.
 
I want to report I just try Let's Encrypt 1.1.33, but still same problem, I think I better to keep 1.1.25 for using
 
Last edited:
Hi,

This is my first default/basic DA server setup, using the default setup and getting a lot of issues to make things working.

I am troubleshooting in the last 7 days, already post in other forum categories and I did not get any help.

Some time ago I use DA and DirectAdmin forum was very active and helpful.

I really hope that somebody could help me with this DA issue with Let's Encrypt wildcard limitation.

I tried to install Let's Encrypt wildcard but I get an error because DA script do not allow me to add the LE activation record on my external DNS.

This seem to be a DA limitation because PLESK allow users to set the LE activation record for wildcard on external DNS server.

Plesk guide
https://docs.plesk.com/en-US/obsidia...encrypt.79603/

"Whether the Let’s Encrypt extension adds the DNS record automatically or you do it manually, it can take some time before it propagates. We recommend that you check that the DNS record was added before going to the next step. Here is how you can do it:"

So how can DA users know which TXT record should we add for complete certificate validation ?

This feature exist so when will it be fixed to allow users to add the record in the external DNS server ?

Thanks
 
Let's Encrypt certificates auto-renew themselves. Are you going to re-add these DNS records manually every 60 days? I wouldn't call this auto-renewal though, as it'd require manual action :)
 
smtalk said:
Let's Encrypt certificates auto-renew themselves. Are you going to re-add these DNS records manually every 60 days? I wouldn't call this auto-renewal though, as it'd require manual action :)
Click to expand...

Hi Martynas,

Plesk is doing why DirectAdmin do not allow Lets Encrypt wildcard certificates when using external DNS servers ?

This seems not good because the way DA is doing it I can not get LE wildcard certificates into DirectAdmin.

It should be available, just change the script and allow the user to see the activation record that he need to add in external DNS with a confirmation button to continue the script.

Do not seem very complicated and will allow to work with both local DNS and external DNS.

Seems logical, I did not expect to see this limitation on DirectAdmin because DA is very active in implementing new features.

Doing this way will limit the use of LE wildcard certificates for local DNS that is a no sense because awe all now that its better to get a external DNS service.

Thanks
 
crenet said:
Hi,

This is my first default/basic DA server setup, using the default setup and getting a lot of issues to make things working.

I am troubleshooting in the last 7 days, already post in other forum categories and I did not get any help.

Some time ago I use DA and DirectAdmin forum was very active and helpful.

I really hope that somebody could help me with this DA issue with Let's Encrypt wildcard limitation.

I tried to install Let's Encrypt wildcard but I get an error because DA script do not allow me to add the LE activation record on my external DNS.

This seem to be a DA limitation because PLESK allow users to set the LE activation record for wildcard on external DNS server.

Plesk guide
https://docs.plesk.com/en-US/obsidia...encrypt.79603/

"Whether the Let’s Encrypt extension adds the DNS record automatically or you do it manually, it can take some time before it propagates. We recommend that you check that the DNS record was added before going to the next step. Here is how you can do it:"

So how can DA users know which TXT record should we add for complete certificate validation ?

This feature exist so when will it be fixed to allow users to add the record in the external DNS server ?

Thanks
Click to expand...
Thanks, but your link is not working...

P.S: Let's Encrypt 1.1.25 is not work anymore(I think something changed and it not work anymore =_=!) , even 1.1.38
 
Last edited:
crenet said:
Hi Martynas,

Plesk is doing why DirectAdmin do not allow Lets Encrypt wildcard certificates when using external DNS servers ?

This seems not good because the way DA is doing it I can not get LE wildcard certificates into DirectAdmin.

It should be available, just change the script and allow the user to see the activation record that he need to add in external DNS with a confirmation button to continue the script.

Do not seem very complicated and will allow to work with both local DNS and external DNS.

Seems logical, I did not expect to see this limitation on DirectAdmin because DA is very active in implementing new features.

Doing this way will limit the use of LE wildcard certificates for local DNS that is a no sense because awe all now that its better to get a external DNS service.

Thanks
Click to expand...
I think so, my domain have some MX, A type and CNAME 's and value to external ip(out of my server, like google suite's server), so I think that is the problem why we can't finish and get ssl cert

Could DA don't limit external DNS anymore or add selection to us disable or enable it? Thanks
 
Last edited:
Finally, I find a stupid way to let new version(1.1.38) of Lets Encrypt to work, hope this can help the guys like me or dev to find a way may it more user friend: Go to dns control, and delete all external DNS(MX, CNAME, A...) and you can finish your cert request.

Please, we need DA to support external DNS and make it more user friendly
 
glio said:
Thanks, but your link is not working...

P.S: Let's Encrypt 1.1.25 is not work anymore(I think something changed and it not work anymore =_=!) , even 1.1.38
Click to expand...


The link was fine and some how it stop working.

This is what we can read in Plesk doc about Let's Encrypt certificates, DA urgently need to add this feature in Directadmin for users that are using external DNS services. I think this a basic feature for who want to optimize DNS.
I just can not believe that DA is not able to do it.
To forum administrator this is not a promotion link this is just a prove that it´s possible to allow DA users to add LE wildcard certificates into DirectAdmin, you must use this feature as soon as possible.
 
@glio
Are you sure it's not only a matter of deleting the _acme-challenge record? Because I had the same problem in some previous versions.

@crenet
This thread was initiated by my ISP and virtually marked as solved by me because some versions ago DA actually started to works with LE wildcard on external DNS. Read some pages back on this thread.
 
_rik_ said:
@glio
Are you sure it's not only a matter of deleting the _acme-challenge record? Because I had the same problem in some previous versions.

@crenet
This thread was initiated by my ISP and virtually marked as solved by me because some versions ago DA actually started to works with LE wildcard on external DNS. Read some pages back on this thread.
Click to expand...

Will you please informe me where is the post that fix it because I am on DA 1.59.5 and I can´t add LE wildcard certificates.

hi @_rik_

Will you please informe me where is the post that fix it because I am on DA 1.59.5 and I can´t add LE wildcard certificates ?

Or is only working on pre-release version ?

By the way does anybody know how must time a feature stays in pre-release version before moving to stable release version ?

Thanks
 
Hi @crenet
I'm not on a pre-release, it was fixed with the version released in October 2019 that ships with Letsencrypt.sh 1.1.31
So at this point, there are 2 cases:
1) You have something wrong in the config.
2) DA has re-introduced a new problem with the latest version

In any case, try to delete the _acme-challenge record and retry. If you come from an older version could help as it did for me.
 
You must log in or register to reply here.
Back
Top