Cloudron Forum

this issue has been resolved and the certificates have been renewed and access to the site has been restored. there was an issue with the server dns settings which was causing the certificates to not renew.

Thank you @nebulon ... it's awesome timing , thanks for the share! I guess that should be considered a solved problem for the future then.

The porkbun issue is fixed in 8.1

@girish Confirming that the issue was unrelated. It was very helpful to be able to manually refresh certificates and then view the log files. Thanks!

Hi @girish, hi @nebulon. Many thanks for perfect explanation, hope to have got that. Have now configured as explained above and apex domain does now also produces perfectly valid cert signed by LE. Many thanks also for impressingly quick response during weekend - appreciated.

@girish Thank you. Your solution did the trick. But we needed the ipv6 to be functional. So what we did to make it work was > reinstall Ubuntu 22.04 LTS OS and didn't install unbound in advance. All is good now.

@matix131997 my understanding is that issuance from E1 requires whitelisting of your LE account - https://letsencrypt.org/certificates/ . This is why ISRG Root X2 is still limited availability.

@hiramfromthechi thanks, I replied. Looks like MySQL is down.

@girish This worked like a charm. And everything is working as I wanted And this script is going to change the web hosting industry. I think that it's one of the best scripts I've ever used in this industry. Thank you guys

This should be fixed in 7.3.6

@henry000 the problem is already fixed in 7.6. Are you on Cloudron 7.6 ?

@AgentM which dns provider are you using? If you go to Domains -> Renew all certs, can you check the logs as to why it is it not getting the certs?

@girish That did the trick, I appreciate it.

@lcd_official thanks for the kind words

yeah, I am not sure what changed on Cloudflare side, but we had to do this on our servers as well.

@omen OK, I figured out how configure Fastly now... Please configure it like below: Enable TLS - Yes Verify Certificate - Yes Certificate hostname - In my case, it is wildcard. But since you use the 'manual' provider, the hostname is subdomain.example.com. SNI hostname - this is subdomain.example.com. With the above settings, fastly serves up pages fine on http. [image: 1640323796482-c787fbfb-57bb-4793-a100-3da1015ba6a5-image-resized.png] One thing to remember is, because you are using "manual" DNS provider, Cloudron requires "http" callbacks for Let's Encrypt to work. I am not sure how this works in fastly, does it allow you to have some URLs that are not "cached" ? I guess one way is to call the Cloudron app subdomain as "website.domain.com" but the domain in fastly should be something else like "realwebsite.domain.com" (meaning, name it different). This way, manual setting on Cloudron can continue to use HTTP reliably to get certificates. If you want the domain names to be same, you have to use one of the automated DNS providers in Cloudron.

@cdolson thanks for reporting. I have replied in the LE forum. Looks like we introduced a bug in our DO 1-click image. I am working on a fix. Apologies for the mails you have been getting!

@aziz So, certificate for *.devz.cloud is already there, so if you install apps on subdomain it will work. Cert for devz.cloud (it is not a subdomain, so we have to get a separate cert from the wildcard cert) is getting rate limited. You can just wait for 2-3 days to install an app on the bare domain and that should work. You should be able to install apps in subdomains in the meantime.