Problem with Certificate Auto Renew Let's Encrypt

Hello,

Try and check directadmin logs and system messages, they should give clues on why automatic renewal fails.
 
If DIrectadmin fails to renew a cert admins get notified about it via system messages and by email.

Check /var/log/directadmin/ for clues.

Reset creation time to 0 in the files or selectively per domain:

/usr/local/directadmin/data/users/*/domains/*.cert.creation_time

and run a process in a debug mode:



Code: 
echo "action=rewrite&value=letsencrypt" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d800
 
I do not see any info in the logs about ssl maybe i gonna wait to 30 may
In the domains/*.cert.creation_time there is on file 'cert.creation_time ' i do no how to reset creation time to 0


Debug mode. Level 800

root priv set: uid:0 gid:0 euid:0 egid:0
pidfile written
starting queue
dataskq: command: action=rewrite&value=letsencrypt
done queue


Edit ok i found *.cert.creation_time i need open and change to 0?
 
Last edited:
the second command should be executed now, it has no sense to run it without prior resetting creation time.

#4
 
Sorry, i do not expert in DA :) i get now :


root priv set: uid:0 gid:0 euid:0 egid:0
pidfile written
starting queue
dataskq: command: action=rewrite&value=letsencrypt
done queue
 
expected reply:

Code: 
Debug mode. Level 800


root priv set: uid:0 gid:0 euid:0 egid:0
pidfile written
starting queue
dataskq: command: action=rewrite&value=letsencrypt
[B]LetsEncrypt renewal on domain.com has succeeded. Not sending a notice.[/B]
done queue

Change time to 100 instead of 0, otherwise it will give

Code: 
Unable to read the time from the string '0' from the file /usr/local/directadmin/data/users/userbob/domains/domain.com.cert.creation_time

and try the same.

+ Then post here in text results from

Code: 
/usr/local/directadmin/directadmin c | grep letsencrypt
 
letsencrypt=1
letsencrypt_renewal_days=60
letsencrypt_max_requests_per_week=20
letsencrypt_multidomain_cert=2
letsencrypt_renewal_success_notice=0
renew_letsencrypt_on_suspended_domain=0
letsencrypt_list=www:mail:ftp:pop:smtp
letsencrypt_list_selected=www
 
Contact directadmin developers for a possibly free audit on your server or me for a paid support.
 
I asked DA Support "So I'd recommend changing your hostname to be something like: server.domain.com" now is domain.com
https://help.directadmin.com/item.php?id=405

But when i do this domain.com do not work i get
DNS_PROBE_FINISHED_NXDOMAIN"

MX, A records exist
I have Local Data :NO hmm..

I don't understand step 2 i have to add to directadmin.conf named_rename_hostname_zone=1 ?
DA as well do not work, webmail. but subdomain (demo)works good.


Thanks
 
Last edited:
if you changed your domain name or hostname, make sure you still have the correct DNS zone and records.

Kindly provide a real domain name if you need more detailed help.
 
server.web-komp.eu, and web-komp.eu resolve fine.

Directadmin is not accessible. What error do you see in Directadmin logs under /var/log/directadmin/?

I could fix it for you quickly, if you want, contact me privately for a paid support. It is OK if we proceed here, and it might take a while to check/test/fix.
 
Now seems to be works good I will let you know if auto renew SSl do not work correct. Is the any possible check early? now i need wait 14 day :|
 
Directadmin starts attempts to renew existing certs 30 days before it's expiration date. So you have to wait 59-60 days, unless you reset creation time stored in *.cert.creation_time to 100 for example or another value (do not set it to zero though).
 
Try

Code: 
echo $(hostname -f) >> /etc/virtual/domainowners

and request a cert for your hostname
 
You must log in or register to reply here.
Back
Top