Cannot login to cloudron dashboard due to falling back to self-signed certificate
-
It seems that our certificate for the my.*****. has not been renewed & has fallen back to a self-signed certificate. The support documentation regarding manually renewing certificates requires logging into the dashboard. I cannot do this due to HTTP Strict Transport Security (HSTS). I can't add an exception and login.
How can I do this over ssh manually?
-
We did have an issue in our last release about certificate renewals not always happening correctly. This is fixed. However in your case you have to first login and manually refresh the certificates using the corresponding button in the dashboard. The easiest way in your case might be, to simply use another browser to for that one-time login to avoid the HSTS issue, or you can purge your browser history from your dashboard domain and restart the browser, then you will be able to add a temporary exception.
Sorry about all that inconvenience.
-
HI, thanks for the prompt reply. I logged in with another browser & it seems that the certificate has renewed itself now so everything is back to normal.
When the problem was there earlier on today, I noticed when browsing /home/yellowtent/boxdata/certs - the my.****. certs where modified on 03/08/2019 - 90 days ago, so they must have expired. Now with everything working - the date is 03/10/2019, so it was renewed between then & now without any input from me. Aren't the certificates supposed to be renewed automatically before 90 days? It seems to have only been renewed after exactly 90 days. Is there anything that I can do/check at my end to prevent this from happening again?
-
Most likely this was due to the issue in the last release. If renewal is attempted but fails for some reasons you will get an email notification about that. Generally it will start trying to renew 1 month prior to expiration.
