V-update-letsencrypt-ssl not renewing the domains

andrewnewby · April 11, 2022, 7:33am

Bit of a weird one here. SSL was working fine with LE, but now the certificate expired.

Screenshot 2022-04-11 at 08-32-02 org2022.chambresdhotes.org 9183 - WEB - Hestia Control Panel

If I manaully run:

sudo /usr/local/hestia/bin/v-update-sys-hestia-all

All I get in system.log is:

2022-04-11 07:29:54 v-restart-service 'nginx' ''

It was working ok - so not sure if an update broke it, or something else?

FWIW: I needed to get this domain back up ASAP (as it was showing a security alert to people). So disabling SSL, then re-enabling it seems to have worked. Still confused as to why it didn’t auto renew like it always has in the past. Any suggestions would be appreciated

eris · April 11, 2022, 8:05am

Check /var/log/hestia/LE-user-domain.com.log

andrewnewby · April 11, 2022, 8:16am

It existed, but was just empty.

Would it have shown something

running in system.log? (telling you that it was trying to do a renewal)

eris · April 11, 2022, 9:12am

Check /usr/local/hestia/data/users/{user}/web.conf

You will see LETSENCRYPT_FAIL_COUNT if it failed to many times?

Do you see anything?

andrewnewby · April 11, 2022, 10:35am

Hi,

I just see:

DOMAIN='xx' IP='173.255.211.169' IP6='' ALIAS='www.xxx' CUSTOM_DOCROOT='' CUSTOM_PHPROOT='' REDIRECT='' AUTH_HASH='' AUTH_USER='' REDIRECT_CODE='' FASTCGI_CACHE='' FASTCGI_DURATION='' TPL='default2' SSL='yes' SSL_HOME='same' SSL_HSTS='' SSL_FORCE='' LETSENCRYPT='yes' FTP_USER='' FTP_MD5='' FTP_PATH='' BACKEND='default' PROXY='default' PROXY_EXT='' STATS='' STATS_USER='' STATS_CRYPT='' U_DISK='10744' U_BANDWIDTH='0' SUSPENDED='no' TIME='07:53:38' DATE='2021-12-22'

However, would the LETSENCRYPT_FAIL_COUNT have reset itself when removing SSL, and the re-enabling it? You may be onto something. We moved this site over from a Vesta server, and this domain wasn’t updated for the DNS - so I guess attempts would have failed as it would have kept trying.

I think we can probably close this. I’ll keep an eye on it and see if it happens again. Normally they renew just fine, which is why it was so odd.

Thanks for your time

Andy

eris · April 11, 2022, 10:51am

However, would the LETSENCRYPT_FAIL_COUNT have reset itself when removing SSL, and the re-enabling it?

Yes

system · May 11, 2022, 10:52am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.