Let's Encrypt SSL certificate is not being updated

univer_ma · April 7, 2023, 9:28am

Hi!

There are two users in the hestia control panel.

User 1 is for administrative management. The service domain from hosting vm682472.vps.masterhost.tech is mapped to him in the control panel.

User 2 - to work with domains. A list of domains is mapped to him in the control panel.

In the control panel settings - Let’s Encrypt SSL is enabled for all domains. For service domain of user 1 and for each domain of user 2.

Certificates for the domain list (user 2) are updated automatically. The certificate for the service domain (user 1) is not automatically updated. That is, when you enter the control panel, the browser says that the connection is not secure. After a manual update, the browser continues to show that the connection is not secure.

It is not clear from the control panel whether the service domain certificate has been updated or not.

How do I make sure that the certificate is updated automatically for the service domain? Since this works for a list of domains.

eris · April 7, 2023, 9:38am

We do currently not support access via 2 unique domains to access the panel via :8083

univer_ma · April 7, 2023, 9:44am

It seems like the certificate is updated after a manual update. Only here the browser shows that the connection is not secure.

univer_ma · April 7, 2023, 9:47am

User 1 with the service domain is used to work only with the control panel. We access the control panel only through the service domain.

All other domains are not used to access the control panel.

eris · April 7, 2023, 9:49am

systemctl restart hestia

univer_ma · April 7, 2023, 9:59am

Hestia rebooted.
Opened firefox and the same error with the certificate.

univer_ma · April 7, 2023, 10:30am

In firefox, I cleaned the cache. I started it again. Same certificate error.

eris · April 7, 2023, 11:54am

v-add-letsencrypt-host will update the host certificate

univer_ma · April 8, 2023, 8:46am

WEB_DOMAINS limit is reached

cat /etc/hosts
90.156.206.103 vm682472.vps.masterhost.tech vm682472 # one-contextd
127.0.0.1 localhost
127.0.1.1 vps1

The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

eris · April 8, 2023, 8:54am

Delete the existing domain under the admin users and try again.

univer_ma · April 8, 2023, 9:44am

It worked when I made these settings.