Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Let's Encrypt Didn't seem to auto-renew

Scheduled Pinned Locked Moved Solved Support
letsencryptcertificates
37 Posts 16 Posters 953 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    replied to BrutalBirdie on last edited by
    #12

    @BrutalBirdie right that kill fix will be part only for next release, however we have by now also seen Cloudrons on Ubuntu 20 hitting a cert renew or reload issue. So its only part of the fix it seems.

    1 Reply Last reply
    1
  • humptydumptyH Offline
    humptydumptyH Offline
    humptydumpty
    wrote on last edited by humptydumpty
    #13

    I’m on v7.3.4 (Ubuntu 22.04.1 LTS), contabo vps, automated cloudflare dns w/ no proxying enabled.

    1 Reply Last reply
    1
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    wrote on last edited by
    #14

    If anyone with this situation, can contact us on support@cloudron.io, I think we debug this further. I check around 20 servers we have access to but they seem to updating the certs just fine. Maybe some specific cert provider is having issues.

    jdaviescoatesJ J 2 Replies Last reply
    1
  • jdaviescoatesJ Offline
    jdaviescoatesJ Offline
    jdaviescoates
    replied to girish on last edited by
    #15

    @girish fyi I hit this recently for a Wildcard DNS on 18.04. The Gandi API ones on the same server seemed to update fine.

    I use Cloudron with Gandi & Hetzner

    robiR 1 Reply Last reply
    0
  • robiR Offline
    robiR Offline
    robi
    replied to jdaviescoates on last edited by
    #16

    @jdaviescoates that's a good pivoting data point @jdaviescoates , mine is a wildcard setup too. Likely something specific to that branch of code..

    Life of sky tech

    jdaviescoatesJ 1 Reply Last reply
    1
  • jdaviescoatesJ Offline
    jdaviescoatesJ Offline
    jdaviescoates
    replied to robi on last edited by
    #17

    @robi I thought so too, but this has just happened to me on one of my Gandi LiveDNS domains on a Cloudron running on Ubuntu 20.04 too šŸ¤”

    I use Cloudron with Gandi & Hetzner

    1 Reply Last reply
    0
  • J Offline
    J Offline
    jagan
    replied to girish on last edited by
    #18

    @girish Had this issue too. Will drop a mail later today.

    1 Reply Last reply
    1
  • nebulonN nebulon referenced this topic on
  • njN Offline
    njN Offline
    nj
    wrote on last edited by nj
    #19

    I can confirm the issue. Certificate of other domains added to Cloudron aren't renewed. Primary domain seems to be renewed.

    Some certs are due 4 days. 😮 Good thing I had alerts enabled so I got notified.

    2f6b3f74-ce0c-4ddf-bac4-4dca395a8632-image.png

    Domain provider is Wildcard. Both domain.tld and *.domain.tld point to the cloudron (since last 1-2 years).
    f20cc3d1-3cd4-4e52-a02f-95a3a86b98fa-image.png

    Renew all Certs shows "Configuring apps .. or something" and the progressbar disappears.

    • "Show Logs" shows empty window.
    • Download full logs -> 1 byte empty file

    d1075490-634d-4d81-8d00-8cf47bb2ce1e-image.png

    Founder & OpenSource Lover. My Cloudron Apps

    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to nj on last edited by
    #20

    @nj the logs thing is fixed in 7.3.5. Can you update and check?

    But there is still the underlying problem of certs not renewing sometimes with 7.3.

    jordanurbsJ 1 Reply Last reply
    0
  • jordanurbsJ Offline
    jordanurbsJ Offline
    jordanurbs
    replied to girish on last edited by
    #21

    Also having this issue for several domains on my cloudron.

    Manually renewing all certs, restarting apps, deleting browser cookies, nothing is fixing it.

    My cloudron is on Ubuntu 20

    1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    wrote on last edited by
    #22

    Wanted to update this thread. We found the issue, we will make a release with a fix (7.3.6) asap.

    jaschaezraJ 1 Reply Last reply
    11
  • jaschaezraJ Offline
    jaschaezraJ Offline
    jaschaezra
    replied to girish on last edited by
    #23

    @girish Thank you! I just came to report the same issue and was delighted that already had been taking care of! Great work!

    1 Reply Last reply
    2
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    wrote on last edited by
    #24

    7.3.6 is out now which should fix this, rolling out slowly.

    humptydumptyH 1 Reply Last reply
    0
  • girishG girish marked this topic as a question on
  • girishG girish has marked this topic as solved on
  • humptydumptyH Offline
    humptydumptyH Offline
    humptydumpty
    replied to girish on last edited by humptydumpty
    #25

    @girish I know updates are rolled out alphabetically but is it based on the installed subdomain (ex: rambo.domain.com) or the bare domain?

    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to humptydumpty on last edited by girish
    #26

    @humptydumpty iirc, it's on the primary domain i.e installed subdomain.

    jdaviescoatesJ 1 Reply Last reply
    1
  • jdaviescoatesJ Offline
    jdaviescoatesJ Offline
    jdaviescoates
    replied to girish on last edited by
    #27

    @girish that isn't very clear! šŸ˜›

    I think it's surely based on the domain name used for my.domain.tld, no?

    i.e.

    my.aaaaa.tld gets updated before
    my.bbbbb.tld
    ....
    my.zzzzz.tld

    That's been my experience anyway.

    I use Cloudron with Gandi & Hetzner

    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to jdaviescoates on last edited by
    #28

    @jdaviescoates yes, that's the primary domain in cloudron terminology

    jordanurbsJ 1 Reply Last reply
    0
  • jordanurbsJ Offline
    jordanurbsJ Offline
    jordanurbs
    replied to girish on last edited by jordanurbs
    #29

    @girish I've still got problems after updating.

    I'm assuming a manual certificate is my only option from here

    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to jordanurbs on last edited by
    #30

    @jordanurbs what problem are you facing exactly? Click on the renew all button and post the logs, please.

    1 Reply Last reply
    0
  • matix131997M Offline
    matix131997M Offline
    matix131997
    wrote on last edited by
    #31

    Hello,

    I also report a problem with the certificate having on the domain yyy.xxx.tld
    I noticed that the problem is common in many browsers - Firefox, Chrome, Brave and Vivaldi on the computer - the error pops up, and on Edge there is no error. On mobile devices - there is an error on all browsers.

    Feb 03 10:18:41 box:tasks update 15: {"percent":51,"message":"Ensuring certs of my.yyy.xxx.tld"}
    Feb 03 10:18:41 box:reverseproxy providerMatchesSync: subject=CN = *.yyy.xxx.tld domain=*.yyy.xxx.tld issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
    Feb 03 10:18:41 box:reverseproxy expiryDate: subject=CN = *.yyy.xxx.tld notBefore=Feb 2 16:20:50 2023 GMT notAfter=May 3 16:20:49 2023 GMT daysLeft=89.2931378587963
    Feb 03 10:18:41 box:reverseproxy needsRenewal: false. force: false
    Feb 03 10:18:41 box:reverseproxy ensureCertificate: my.yyy.xxx.tld acme cert exists and is up to date
    
    girishG 1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.