Jump to content
Froxlor Forum
  • 0

[SSL LE] Difference between acme.sh and Froxlor crons


logicbloke

Question

Hi,

I'm just wondering what the difference is between the following 2 folders:

Quote

 

/root/.acme.sh/domain.com/*

/etc/ssl/froxlor-custom/*

 

Why is froxlor installing acme.sh cron everytime it runs at 3am everyday especially since the 5-min let's encrypt froxlor cron is already in place? Also, all my db config points to /etc/ssl/froxlor-custom for the domains and all keys/certificates inside that folder have a different md5 from the ones under /root/.acme.sh/, so I'm wondering what's with the mismatch? Are we updating certificates for domains twice?

 

If anyone can shed some more light on this, it will be very much appreciated.

 

Many thanks!

Link to comment
Share on other sites

1 answer to this question

Recommended Posts

  • 1

If you are using a recent version of froxlor it's like this:

If let's encrypt is activated for a domain, froxlors cronjob calls acme.sh to issue a certificate.

From this point on, acme.sh takes care of the certificate and it's renewal.

Froxlors cronjob simply checks for changes (new domains, SAN list changes, or similar) to issue to acme.sh.

Any renewal is a simple filesystem synchronisation from /root/.acme.sh/ to froxlors database. The cronjob then creates the certificate files in /etc/ssl/froxlor-custom/ from the contents of the database. The content can vary depending on the used Webserver because it's htttp oriented for the vhosts (e.g. cert + key + chain, or similar)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...