[BlueOnyx:22858] Re: automatic Let's Encrypt Renewal was did not happen

Brent Epp brent at pdc.ca
Mon Apr 29 09:01:38 -05 2019 

I think Dirk might be onto something here.

We had three certs up for renewal last week, all of which were all 
subdomains.  They all failed to renew automatically and had to be done 
by hand in the GUI.  A cert expiring today was renewed successfully 
*without* our intervention, but it was a plain www domain.

For informational / troubleshooting purposes:

The www domain is configured as:
  - host name 'www'
  - domain name 'whatever-domain.com'
  - includes two domain aliases
  - 'Web Alias Redirects' is OFF
  - domain and aliases renewed SSL without error

The subdomains that failed last week:
  - host name is 'whatever-subdomain'
  - domain name is 'whatever-domain.com'
  - is a full vsite (ie.: not using the subdomain feature on an existing 
vsite)
  - has no domain aliases


Thanks
  - Brent

On 2019-04-27 13:54, Dirk Estenfeld wrote:
> Hello,
>
> maybe another issue.
> Today there was an automatic renewal of a let's encrypt certificate.
> But the renew was only for domain.tld not for www.domain.tld
> I had manually renew the certificate again to get a le certificate with domain and www.domain.
> Maybe an issue in the renew script?
>
> Best regards,
> Dirk
>
> ---
>
> blackpoint GmbH – Friedberger Straße 106b – 61118 Bad Vilbel
>
> -----Ursprüngliche Nachricht-----
> Von: Blueonyx <blueonyx-bounces at mail.blueonyx.it> Im Auftrag von Brent Epp
> Gesendet: Donnerstag, 25. April 2019 14:37
> An: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
> Betreff: [BlueOnyx:22844] Re: automatic Let's Encrypt Renewal was did not happen
>
> Our renewals scheduled for today also did not run.
>
> I can confirm same thing as Colin here: the entries in the LE log suggest that certs were only renewed when we performed the renewals by hand in the GUI.
>
>    - Brent
>
> On 2019-04-25 05:55, Colin Jack wrote:
>> Hi Dirk,
>>
>> On 25/04/2019, 11:07, "Blueonyx on behalf of Dirk Estenfeld" <blueonyx-bounces at mail.blueonyx.it on behalf of dirk.estenfeld at blackpoint.de> wrote:
>>
>>       Hello,
>>       
>>       today a customer resported that a let's encrypt certificate was not renewed
>>       automatically. The certificate was outdated today.
>>
>> We had the same today ... renewed through the GUI fine but automatic had failed.
>>
>> LE log suggests the cron job didn't run - only entry in log is from GUI renewal, but cron log shows acmesh running every day.
>>
>> Colin
>>    
>>
>>
>> _______________________________________________
>> Blueonyx mailing list
>> Blueonyx at mail.blueonyx.it
>> http://mail.blueonyx.it/mailman/listinfo/blueonyx
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20190429/2456a609/attachment.html>

More information about the Blueonyx mailing list