Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum
Apps | Demo | Docs | Install

Webserver reload missing when using manual dns?

Scheduled Pinned Locked Moved Solved Support
letsencryptcertificates
3 Posts 4 Posters 78 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    wrote on last edited by girish
    #1

    I was just investigating an expired certificate on one of my Cloudron systems and wanted to leave a note here.

    The app in question uses manual dns settings for reasons that are beyond my control, but port 80 is publicly available so that using lets encrypt should be no problem.

    Looking at the logs below "Renew certificates" was sadly empty. I guess these have been rotated since the last certificate was issued.

    Restarting the app had this bit in the apps logs, which means the certificate must have been successfully renewed back in december, and only the webserver has not been restarted since then.

    Jan 25 12:02:44 => Start supervisor
Jan 25 12:02:44 box:reverseproxy providerMatchesSync: subject=CN = lx.example.com domain=lx.example.com issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=false/false prod=true/true issuerMismatch=false wildcardMismatch=false match=true
Jan 25 12:02:44 box:reverseproxy expiryDate: notAfter=Mar 25 11:10:49 2023 GMT daysLeft=59.00561143518519
Jan 25 12:02:44 box:reverseproxy needsRenewal: false
Jan 25 12:02:44 box:reverseproxy ensureCertificate: lx.example.com acme cert exists and is up to date
Jan 25 12:02:44 box:reverseproxy writeAppLocationNginxConfig: writing config for "lx.example.com" to /home/yellowtent/platformdata/nginx/applications/fdda3359-5b81-4228-b4cb-1f5dfe8a3436/lx.example.com.conf with options {"sourceDir":"/home/yellowtent/box","vhost":"lx.example.com","hasIPv6":true,"ip":"172.18.17.213","port":8080,"endpoint":"app","redirectTo":null,"certFilePath":"/home/yellowtent/platformdata/nginx/cert/lx.example.com.cert","keyFilePath":"/home/yellowtent/platformdata/nginx/cert/lx.example.com.key","robotsTxtQuoted":null,"cspQuoted":null,"hideHeaders":[],"proxyAuth":{"enabled":false,"id":"fdda3359-5b81-4228-b4cb-1f5dfe8a3436","location":"/"},"upstreamUri":"","ocsp":true}
Jan 25 12:02:44 box:shell reload spawn: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/restartservice.sh nginx
    1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #2

    This is maybe related to https://forum.cloudron.io/topic/8456/let-s-encrypt-didn-t-seem-to-auto-renew/18

    1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #3

    This should be fixed in 7.3.6

    1 Reply Last reply
    1
  • girishG girish marked this topic as a question on
  • girishG girish has marked this topic as solved on

  • Login
  • Don't have an account? Register
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login
  • Don't have an account? Register
  • Login or register to search.