Let's Encrypt certificates don't autorenew

Since I started using HestiaCP I have always had issues with certificates not getting renewed. I did not have time to troubleshoot it and simply re-enabled certificates via the panel or used “v-add-letsencrypt-host”, however it’s time to fix this for good.

I do use CloudFlare and it is set to “Strict” as recommended in the docs. Also I proxy the requests/hide server IP with CF. However, I don’t understand what HestiaCP uses to run the autorenewal. There is no acme.sh nor cron jobs for this.

Could someone help and suggest in which direction I should head?

This is, for example, what happened last time with the main HestiaCP domain, but it started working out fine and the certificate got renewed despite having errors:

root@myserver:~# v-add-letsencrypt-host
Could not open file or uri for loading certificate file from /usr/local/hestia/data/users/admin/ssl/mydomain.tld.pem
80DB1ACEE17F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
80DB1ACEE17F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(/usr/local/hestia/data/users/admin/ssl/mydomain.tld.pem)
Unable to load certificate file

Running HestiaCP v1.9.4 on Debian 12.12

Running crontab -l shows no cron tasks for root or any other Hestia user… I think something is missing on my part, but I don’t understand how I missed such a critical thing. The setup of the panel went smoothly and without any problems.

1 Like

Hestia uses a cron job to run v-update-letsencrypt-ssl every day.

crontab -l -u hestiaweb | grep v-update-letsencrypt-ssl

All the cron jobs to manage Hestia run under user hestiaweb.

Next time check the log /var/log/hestia/LE-YourUser-YourDomain.log

3 Likes

First of all, thank you! Interesting.

I tried to run as root crontab -l -u hestiaweb | grep v-update-letsencrypt-ssl

But got nothing in return. But running this one worked:

root@enter:~# crontab -l -u hestiaweb
*/5 * * * * sudo /usr/local/hestia/bin/v-update-letsencrypt

It seems like the cron job is incorrect: v-update-letsencrypt instead of v-update-letsencrypt-ssl? I don’t understand how that happened. How can I restore the proper cron job for Let’s Encrypt auto renewal?

Edit the crontab and modify the line manually:

crontab -e -u hestiaweb

Also, that cron job is running every 5 minutes and it should run once a day. Use something like this:

11 2 * * * sudo /usr/local/hestia/bin/v-update-letsencrypt-ssl

2 Likes
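
An added example, not part of the thread and not HestiaCP code: a small check that reads a crontab listing and reports whether the renewal entry names v-update-letsencrypt-ssl and runs once a day. The function name `check_le_cron`, the verdict strings and the reading of "once a day" as a fixed minute and hour with `*` in the three date fields are assumptions made for this example; the two sample lines are the entries quoted in the thread.

```shell
#!/bin/sh
# Added example, not HestiaCP code. Reads a crontab listing on stdin and
# prints one verdict for the renewal job:
#   OK             v-update-letsencrypt-ssl present, fixed minute and hour, every day
#   NOT_DAILY      right command, but the schedule is not once a day
#   WRONG_COMMAND  a v-update-letsencrypt* entry that is not the -ssl script
#   MISSING        no renewal entry at all
check_le_cron() {
    awk '
        $1 ~ /^#/ || NF < 6 { next }      # skip comments, blanks, VAR=value lines
        {
            for (i = 6; i <= NF; i++) {   # fields 1-5 are the schedule
                n = split($i, p, "/")     # basename of each command word
                if (p[n] == "v-update-letsencrypt-ssl") {
                    found = 1
                    daily = ($1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ &&
                             $3 == "*" && $4 == "*" && $5 == "*")
                    if (!daily) bad = 1
                } else if (p[n] ~ /^v-update-letsencrypt/) {
                    wrong = 1
                }
            }
        }
        END {
            if (found && bad) print "NOT_DAILY"
            else if (found)   print "OK"
            else if (wrong)   print "WRONG_COMMAND"
            else              print "MISSING"
        }'
}

# Sample input: the entry reported in the thread, and the corrected one.
BROKEN='*/5 * * * * sudo /usr/local/hestia/bin/v-update-letsencrypt'
FIXED='11 2 * * * sudo /usr/local/hestia/bin/v-update-letsencrypt-ssl'

printf '%s\n' "$BROKEN" | check_le_cron
printf '%s\n' "$FIXED"  | check_le_cron

# On the server, as root:  crontab -l -u hestiaweb | check_le_cron
```

A verdict other than OK means renewals depend on someone noticing an expired certificate, so the check is worth running after panel upgrades or manual crontab edits.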

Thanks a lot! I made the changes and replaced the old cron job with the one you provided. Hopefully everything goes smoothly next time 🙂

1 Like