LetsEncrypt Issue

glio

Verified User
Joined
Jan 8, 2008
Messages
54
Thank you so much, I just downgrade to 1.1.25 and it work again, Thank you so much
 

glio

Verified User
Joined
Jan 8, 2008
Messages
54
Thanks, Richard G, I just try 1.1.32 but still same, so I downgrade back to 1.1.25, I will use it until they fix this problem, Thanks
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,450
This is not releated to the problems some users has in this thread, but I would like to point out that it is a good idea to monitor Let's Encrypt status page at https://letsencrypt.status.io - currently there is a active issue from October 3 wich is still not resolved, wich could give timeouts. Look under the heading "Timeouts Accessing Some API Endpoints"
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,218
Location
Maastricht
@Ditto: Thank you, good tip! This explains some timeouts I was having on other domains. I didn't care because they worked a day later. But it's always good to have a place to check things.

@glio: You might consider sending in a ticket about that issue.
 

glio

Verified User
Joined
Jan 8, 2008
Messages
54
Maybe could they just add option for us? 2 option :1. the old way just like before 1.1.25 2.the new way, add "pre_check"
so we can choice which one we are working to use and everyone will be happy.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,218
Location
Maastricht
Only @Smtalk can answer that I guess. I presume there is a good reason for changing the way this works, maybe the old way will be deprecated in the future or it's done to prevent running in to limits or other error notices? I don't know.
If it could be done it would be nice indeed.
 

glio

Verified User
Joined
Jan 8, 2008
Messages
54
I want to report I just try Let's Encrypt 1.1.33, but still same problem, I think I better to keep 1.1.25 for using
 

ikkeben

Verified User
Joined
May 22, 2014
Messages
636
Location
Netherlands Germany
Last edited:

crenet

Verified User
Joined
Sep 23, 2019
Messages
92
Hi,

This is my first default/basic DA server setup, using the default setup and getting a lot of issues to make things working.

I am troubleshooting in the last 7 days, already post in other forum categories and I did not get any help.

Some time ago I use DA and DirectAdmin forum was very active and helpful.

I really hope that somebody could help me with this DA issue with Let's Encrypt wildcard limitation.

I tried to install Let's Encrypt wildcard but I get an error because DA script do not allow me to add the LE activation record on my external DNS.

This seem to be a DA limitation because PLESK allow users to set the LE activation record for wildcard on external DNS server.

Plesk guide
https://docs.plesk.com/en-US/obsidia...encrypt.79603/

"Whether the Let’s Encrypt extension adds the DNS record automatically or you do it manually, it can take some time before it propagates. We recommend that you check that the DNS record was added before going to the next step. Here is how you can do it:"

So how can DA users know which TXT record should we add for complete certificate validation ?

This feature exist so when will it be fixed to allow users to add the record in the external DNS server ?

Thanks
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,328
Location
LT, EU
Let's Encrypt certificates auto-renew themselves. Are you going to re-add these DNS records manually every 60 days? I wouldn't call this auto-renewal though, as it'd require manual action :)
 

crenet

Verified User
Joined
Sep 23, 2019
Messages
92
Let's Encrypt certificates auto-renew themselves. Are you going to re-add these DNS records manually every 60 days? I wouldn't call this auto-renewal though, as it'd require manual action :)
Hi Martynas,

Plesk is doing why DirectAdmin do not allow Lets Encrypt wildcard certificates when using external DNS servers ?

This seems not good because the way DA is doing it I can not get LE wildcard certificates into DirectAdmin.

It should be available, just change the script and allow the user to see the activation record that he need to add in external DNS with a confirmation button to continue the script.

Do not seem very complicated and will allow to work with both local DNS and external DNS.

Seems logical, I did not expect to see this limitation on DirectAdmin because DA is very active in implementing new features.

Doing this way will limit the use of LE wildcard certificates for local DNS that is a no sense because awe all now that its better to get a external DNS service.

Thanks
 
Top