Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. cloudron certs update API doesn't work

cloudron certs update API doesn't work

Scheduled Pinned Locked Moved Solved Support
apicertificates
9 Posts 3 Posters 1.3k Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • potemkin_aiP Offline
      potemkin_aiP Offline
      potemkin_ai
      wrote on last edited by girish
      #1

      Hello,

      I used to use Cloudron API to initiate certificates update under some special conditions:

      curl -k -X POST -H 'Content-Type: application/json' -H "authorization: Bearer $token" --data '{"domain": "'$dns_host_name'"}' https://$dns_host_name/api/v1/cloudron/renew_certs
      

      But it seems like stopped working, seems like it could happen around v7 release - no certificates are updated and here is all I'm getting at the logs now:

      Nov 26 06:06:04 box:settings initCache: pre-load settings
      Nov 26 06:06:04 box:taskworker Starting task 1453. Logs are at /home/yellowtent/platformdata/logs/tasks/1453.log
      Nov 26 06:06:04 box:reverseproxy renewCerts: Renewed certs of []
      Nov 26 06:06:04 box:reverseproxy cleanupCerts: start
      Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/cloud.my.domain.com.cert notAfter=Dec 3 11:00:57 2021 GMT daysLeft=7.329767881944444
      Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Jul 15 16:25:07 2023 GMT daysLeft=596.5548835532408
      Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/my.domain.com.host.cert notAfter=Jul 15 16:28:39 2023 GMT daysLeft=596.557337199074
      Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/fp.my.domain.com.cert notAfter=Dec 2 23:01:02 2021 GMT daysLeft=6.8298255324074075
      Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/my.my.domain.com.cert notAfter=Dec 3 11:00:41 2021 GMT daysLeft=7.329582418981482
      Nov 26 06:06:05 box:reverseproxy cleanupCerts: done
      Nov 26 06:06:05 box:taskworker Task took 0.186 seconds
      Nov 26 06:06:05 box:tasks setCompleted - 1453: {"result":null,"error":null}
      Nov 26 06:06:05 box:tasks update 1453: {"percent":100,"result":null,"error":null}
      
      

      When I click the button to renew certificate from the web - it does everything right, like it shall be and the logs are much much bigger.

      P.S. please, ignore **my.my.**domain.com - it's an artifact of search & replace for an actual domain.

      girishG 2 Replies Last reply
      0
      • potemkin_aiP potemkin_ai

        Hello,

        I used to use Cloudron API to initiate certificates update under some special conditions:

        curl -k -X POST -H 'Content-Type: application/json' -H "authorization: Bearer $token" --data '{"domain": "'$dns_host_name'"}' https://$dns_host_name/api/v1/cloudron/renew_certs
        

        But it seems like stopped working, seems like it could happen around v7 release - no certificates are updated and here is all I'm getting at the logs now:

        Nov 26 06:06:04 box:settings initCache: pre-load settings
        Nov 26 06:06:04 box:taskworker Starting task 1453. Logs are at /home/yellowtent/platformdata/logs/tasks/1453.log
        Nov 26 06:06:04 box:reverseproxy renewCerts: Renewed certs of []
        Nov 26 06:06:04 box:reverseproxy cleanupCerts: start
        Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/cloud.my.domain.com.cert notAfter=Dec 3 11:00:57 2021 GMT daysLeft=7.329767881944444
        Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Jul 15 16:25:07 2023 GMT daysLeft=596.5548835532408
        Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/my.domain.com.host.cert notAfter=Jul 15 16:28:39 2023 GMT daysLeft=596.557337199074
        Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/fp.my.domain.com.cert notAfter=Dec 2 23:01:02 2021 GMT daysLeft=6.8298255324074075
        Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/my.my.domain.com.cert notAfter=Dec 3 11:00:41 2021 GMT daysLeft=7.329582418981482
        Nov 26 06:06:05 box:reverseproxy cleanupCerts: done
        Nov 26 06:06:05 box:taskworker Task took 0.186 seconds
        Nov 26 06:06:05 box:tasks setCompleted - 1453: {"result":null,"error":null}
        Nov 26 06:06:05 box:tasks update 1453: {"percent":100,"result":null,"error":null}
        
        

        When I click the button to renew certificate from the web - it does everything right, like it shall be and the logs are much much bigger.

        P.S. please, ignore **my.my.**domain.com - it's an artifact of search & replace for an actual domain.

        girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by girish
        #2

        @potemkin_ai The endpoint /api/v1/cloudron/renew_certs is correct and so is the POST data that you are sending it. I think the logs that you are showing is for some other task tough. What is the response of the POST request? This will give a task id and then you can go into /home/yellowtent/platformdata/logs/tasks/{taskid}.log

        scookeS potemkin_aiP 2 Replies Last reply
        0
        • girishG girish

          @potemkin_ai The endpoint /api/v1/cloudron/renew_certs is correct and so is the POST data that you are sending it. I think the logs that you are showing is for some other task tough. What is the response of the POST request? This will give a task id and then you can go into /home/yellowtent/platformdata/logs/tasks/{taskid}.log

          scookeS Offline
          scookeS Offline
          scooke
          wrote on last edited by
          #3

          @girish If everything is correct they may have tried to do this during the most recent Let's Encrypt downtime. It lasted awhile.

          A life lived in fear is a life half-lived

          potemkin_aiP 1 Reply Last reply
          0
          • girishG girish

            @potemkin_ai The endpoint /api/v1/cloudron/renew_certs is correct and so is the POST data that you are sending it. I think the logs that you are showing is for some other task tough. What is the response of the POST request? This will give a task id and then you can go into /home/yellowtent/platformdata/logs/tasks/{taskid}.log

            potemkin_aiP Offline
            potemkin_aiP Offline
            potemkin_ai
            wrote on last edited by
            #4

            @girish don't think it's for another task:

            I'm checking the URL of the following format:
            https://my.domain/logs.html?taskId=

            where task id is what I'm getting in responce to the following query:

            curl -k -X POST -H 'Content-Type: application/json' -H "authorization: Bearer $token" --data '{"domain": "'$dns_host_name'"}' https://$dns_host_name/api/v1/cloudron/renew_certs
            

            And when I open that log it says 'checkCerts'.

            But, as I mentioned, the amount of tasks that are done with my POST query and what system is doing is really different and with my POST query nothing really happens.

            /home/yellowtent/platformdata/logs/tasks/{taskid}.log is exactly what I saw via the web console and shared earlier.

            It's quite a breaking change for me - any chance you can look at it?

            potemkin_aiP 1 Reply Last reply
            0
            • scookeS scooke

              @girish If everything is correct they may have tried to do this during the most recent Let's Encrypt downtime. It lasted awhile.

              potemkin_aiP Offline
              potemkin_aiP Offline
              potemkin_ai
              wrote on last edited by
              #5

              @scooke thanks for the idea, but nope - I tried my script and cloudron button at the same time; POST request didn't even initiated certificates updates, as you can see in my logs earlier.

              1 Reply Last reply
              1
              • potemkin_aiP potemkin_ai

                @girish don't think it's for another task:

                I'm checking the URL of the following format:
                https://my.domain/logs.html?taskId=

                where task id is what I'm getting in responce to the following query:

                curl -k -X POST -H 'Content-Type: application/json' -H "authorization: Bearer $token" --data '{"domain": "'$dns_host_name'"}' https://$dns_host_name/api/v1/cloudron/renew_certs
                

                And when I open that log it says 'checkCerts'.

                But, as I mentioned, the amount of tasks that are done with my POST query and what system is doing is really different and with my POST query nothing really happens.

                /home/yellowtent/platformdata/logs/tasks/{taskid}.log is exactly what I saw via the web console and shared earlier.

                It's quite a breaking change for me - any chance you can look at it?

                potemkin_aiP Offline
                potemkin_aiP Offline
                potemkin_ai
                wrote on last edited by
                #6

                @girish , really need help here

                girishG 1 Reply Last reply
                0
                • potemkin_aiP potemkin_ai

                  @girish , really need help here

                  girishG Offline
                  girishG Offline
                  girish
                  Staff
                  wrote on last edited by girish
                  #7

                  @potemkin_ai Looking back at the initial post, it seems that the query/curl is working fine. Cloudron will only renew the certs if they are expiring in a month. Calling /api/v1/cloudron/renew_certs does not mean that it will forcefully renew certs. It means "renew if needed". The logs are sparse because the certs were not expiring in a month, I am guessing, when you made the API call.

                  I can also confirm the 'checkCerts' in the log viewer is correct. Not sure where all this leaves us, does it answer your initial question?

                  1 Reply Last reply
                  0
                  • potemkin_aiP potemkin_ai

                    Hello,

                    I used to use Cloudron API to initiate certificates update under some special conditions:

                    curl -k -X POST -H 'Content-Type: application/json' -H "authorization: Bearer $token" --data '{"domain": "'$dns_host_name'"}' https://$dns_host_name/api/v1/cloudron/renew_certs
                    

                    But it seems like stopped working, seems like it could happen around v7 release - no certificates are updated and here is all I'm getting at the logs now:

                    Nov 26 06:06:04 box:settings initCache: pre-load settings
                    Nov 26 06:06:04 box:taskworker Starting task 1453. Logs are at /home/yellowtent/platformdata/logs/tasks/1453.log
                    Nov 26 06:06:04 box:reverseproxy renewCerts: Renewed certs of []
                    Nov 26 06:06:04 box:reverseproxy cleanupCerts: start
                    Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/cloud.my.domain.com.cert notAfter=Dec 3 11:00:57 2021 GMT daysLeft=7.329767881944444
                    Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Jul 15 16:25:07 2023 GMT daysLeft=596.5548835532408
                    Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/my.domain.com.host.cert notAfter=Jul 15 16:28:39 2023 GMT daysLeft=596.557337199074
                    Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/fp.my.domain.com.cert notAfter=Dec 2 23:01:02 2021 GMT daysLeft=6.8298255324074075
                    Nov 26 06:06:05 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/my.my.domain.com.cert notAfter=Dec 3 11:00:41 2021 GMT daysLeft=7.329582418981482
                    Nov 26 06:06:05 box:reverseproxy cleanupCerts: done
                    Nov 26 06:06:05 box:taskworker Task took 0.186 seconds
                    Nov 26 06:06:05 box:tasks setCompleted - 1453: {"result":null,"error":null}
                    Nov 26 06:06:05 box:tasks update 1453: {"percent":100,"result":null,"error":null}
                    
                    

                    When I click the button to renew certificate from the web - it does everything right, like it shall be and the logs are much much bigger.

                    P.S. please, ignore **my.my.**domain.com - it's an artifact of search & replace for an actual domain.

                    girishG Offline
                    girishG Offline
                    girish
                    Staff
                    wrote on last edited by
                    #8

                    @potemkin_ai said in cloudron certs update API doesn't work:

                    --data '{"domain": "'$dns_host_name'"}'"

                    The above does not seem correct. There is an extra single quote around '$dns_host_name'. This will result in "domain": "'some.domain'". This will in turn make code filter by this domain name and the single quote will make it not renew anything. Maybe this is what you were hitting? You can actually just pass --data "{}" to try to renew everything. No need to pass any domain as such unless you want to restrict to a specific domain.

                    potemkin_aiP 1 Reply Last reply
                    0
                    • girishG girish

                      @potemkin_ai said in cloudron certs update API doesn't work:

                      --data '{"domain": "'$dns_host_name'"}'"

                      The above does not seem correct. There is an extra single quote around '$dns_host_name'. This will result in "domain": "'some.domain'". This will in turn make code filter by this domain name and the single quote will make it not renew anything. Maybe this is what you were hitting? You can actually just pass --data "{}" to try to renew everything. No need to pass any domain as such unless you want to restrict to a specific domain.

                      potemkin_aiP Offline
                      potemkin_aiP Offline
                      potemkin_ai
                      wrote on last edited by
                      #9

                      @girish thank you, the output is different now, so I hope that will work.

                      I took that API call from my forum request earlier, but I guess there was a misunderstanding the API call example was for the specific domain, not to update them all.

                      Thanks for your assistance!

                      1 Reply Last reply
                      1
                      • scookeS scooke referenced this topic on
                      Reply
                      • Reply as topic
                      Log in to reply
                      • Oldest to Newest
                      • Newest to Oldest
                      • Most Votes


                        • Login

                        • Don't have an account? Register

                        • Login or register to search.
                        • First post
                          Last post
                        0
                        • Categories
                        • Recent
                        • Tags
                        • Popular
                        • Bookmarks
                        • Search