Webserver reload missing when using manual dns?
-
I was just investigating an expired certificate on one of my Cloudron systems and wanted to leave a note here.
The app in question uses manual dns settings for reasons that are beyond my control, but port 80 is publicly available so that using lets encrypt should be no problem.
Looking at the logs below "Renew certificates" was sadly empty. I guess these have been rotated since the last certificate was issued.
Restarting the app had this bit in the apps logs, which means the certificate must have been successfully renewed back in december, and only the webserver has not been restarted since then.
Jan 25 12:02:44 => Start supervisor Jan 25 12:02:44 box:reverseproxy providerMatchesSync: subject=CN = lx.example.com domain=lx.example.com issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=false/false prod=true/true issuerMismatch=false wildcardMismatch=false match=true Jan 25 12:02:44 box:reverseproxy expiryDate: notAfter=Mar 25 11:10:49 2023 GMT daysLeft=59.00561143518519 Jan 25 12:02:44 box:reverseproxy needsRenewal: false Jan 25 12:02:44 box:reverseproxy ensureCertificate: lx.example.com acme cert exists and is up to date Jan 25 12:02:44 box:reverseproxy writeAppLocationNginxConfig: writing config for "lx.example.com" to /home/yellowtent/platformdata/nginx/applications/fdda3359-5b81-4228-b4cb-1f5dfe8a3436/lx.example.com.conf with options {"sourceDir":"/home/yellowtent/box","vhost":"lx.example.com","hasIPv6":true,"ip":"172.18.17.213","port":8080,"endpoint":"app","redirectTo":null,"certFilePath":"/home/yellowtent/platformdata/nginx/cert/lx.example.com.cert","keyFilePath":"/home/yellowtent/platformdata/nginx/cert/lx.example.com.key","robotsTxtQuoted":null,"cspQuoted":null,"hideHeaders":[],"proxyAuth":{"enabled":false,"id":"fdda3359-5b81-4228-b4cb-1f5dfe8a3436","location":"/"},"upstreamUri":"","ocsp":true} Jan 25 12:02:44 box:shell reload spawn: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/restartservice.sh nginx -
G girish marked this topic as a question on
-
G girish has marked this topic as solved on
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login