Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Failed LE Certs due to DNS config change

    Feature Requests
    3
    8
    245
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • robi
      robi last edited by

      I have a few domains that generate these failures now because they expired and the registrar re-pointed their DNS away from Cloudron.

      If there was a check to validate DNS before the error and notification is generated, the message would be much more useful and the constant retries could be stopped until DNS is back.

      Stop getting certs until then.

      Step up in intelligence.

      Life of Advanced Technology

      nebulon 1 Reply Last reply Reply Quote 1
      • nebulon
        nebulon Staff @robi last edited by

        @robi the next release will be less noisy about temporarily failing cert renewals. It will only raise warnings if it is actually timely urgent. So I guess your case would also be covered since by the time the cert expires your DNS records would be fine again.

        robi 1 Reply Last reply Reply Quote 1
        • robi
          robi @nebulon last edited by

          @nebulon No, as some of these domains we don't control. If they choose not to renew, they should go into a different state.

          Unconfigured perhaps.

          Life of Advanced Technology

          nebulon 1 Reply Last reply Reply Quote 1
          • nebulon
            nebulon Staff @robi last edited by

            @robi not sure I understand, so you are saying those are domains added to the Cloudron but with wildcard or manual DNS backend and thus the renewal fails because the records don't point to the Cloudron anymore? If this is the case, why have them on the Cloudron in the first place and probably more importantly why are there apps installed using them, which is why a renewal of certs would be triggered.

            robi 1 Reply Last reply Reply Quote 0
            • robi
              robi @nebulon last edited by

              @nebulon No.

              Customer wants domain hosted for any reason, let's say WP. At some point they either point the domain someplace else, or it expires and the registrar repoints to it's own DNS servers which point to parking servers.

              There's no "heads up" or customer contact that this has happened, just errors on our side.

              This could be more graceful.

              Life of Advanced Technology

              d19dotca 1 Reply Last reply Reply Quote 0
              • d19dotca
                d19dotca @robi last edited by

                @robi So in other words, you're wanting Cloudron to essentially notify you if it notices that registered domain names used on the Cloudron instance are pointed away from the server? In other words, a period check (like once a day or something) that notifies admins?

                --
                Dustin Dauncey
                www.d19.ca

                nebulon 1 Reply Last reply Reply Quote 0
                • nebulon
                  nebulon Staff @d19dotca last edited by

                  @d19dotca as I understand it, I also think this is not so much related to the cert renewal, but the failure to do so is just the symptom.

                  1 Reply Last reply Reply Quote 2
                  • robi
                    robi last edited by

                    Right, if Cloudron is no longer in control of a domain, switch that domain to manual or No-OP so all the other expected things don't keep failing.

                    Life of Advanced Technology

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Powered by NodeBB