Jump to content
Froxlor Forum
  • 0

Enable Let's Encrypt for the froxlor vhost is set but not created


Question

On one server with nearly the same setup I have enabled:  "Let's Encrypt for the froxlor vhost is set"

But Froxlor silently did not create it on this server, on the other server it's doing it fine.

Sure I miss some other settings, but it's not easy to find it when I don't get any error.

Where can start with?

 

Screenshot_2020-10-27 admin - Froxlor Server Management Panel.png

Link to post
Share on other sites

10 answers to this question

Recommended Posts

  • 0

Thanks,

I run it with /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --force --debug

and now the host domain grallator.com has a letsencrypt cert domain and its working:)

But just 2 days ago on this server the virtualhost huahin.vin is not getting a letsencrypt cert.

I'm facing this problem since a couple of months with other domains on other new installations.

Now I see that there is a folder ~/.acme.sh/ in my root and it holds as well certs related files like:

ca.cer  fullchain.cer  huahin.vin.cer  huahin.vin.conf  huahin.vin.conf.removed  huahin.vin.csr  huahin.vin.csr.conf  huahin.vin.key

I was aware of to the /etc/ssl/froxlor-custom/ where i have my certs what the apache server use:

-rw------- 1 root root 1648 Oct 31 11:37 huahin.vin_CA.pem
-rw------- 1 root root 1648 Oct 31 11:37 huahin.vin_chain.pem
-rw------- 1 root root 2264 Oct 31 11:37 huahin.vin.crt
-rw------- 1 root root 3912 Oct 31 11:37 huahin.vin_fullchain.pem
-rw------- 1 root root 3247 Oct 31 11:37 huahin.vin.key

 

I don't understand the functionality of this .~/.acme.sh

 

 

this is what im getting when i run the froxlor letsencrypt script:

 

root@grallator /etc/cron.d/ # /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug --force
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Sat 31 Oct 2020 11:59:10 AM +07] Already uptodate!
[Sat 31 Oct 2020 11:59:10 AM +07] Upgrade success!
[Sat 31 Oct 2020 11:59:10 AM +07] Installing cron job
4 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
[information] Updated Let's Encrypt certificate for huahin.vin
[information] Updated Let's Encrypt certificate for changnooy.city
[information] Updated Let's Encrypt certificate for changnooi.city
[information] Let's Encrypt certificates have been updated
[information] TasksCron: Searching for tasks to do
sh: 1: /etc/init.d/dkim-filter: not found
[information] Dkim-milter reloaded
[information] Task4 started - Rebuilding froxlor_bind.conf
[information] Cleaning dns zone files from /etc/bind/domains/
[debug] domId    domain                                  ismainbutsubto parent domain                           list of child domain ids
[debug] 11       changnooi.city                          0              -                                       
[debug] 10       changnooy.city                          0              -                                       
[debug] 8        huahin.vin                              0              -                                       
[debug] none     grallator.com                           0              -                                       
[information] `/etc/bind/domains/changnooi.city.zone` written
[debug] Generating dns config for changnooi.city
[information] `/etc/bind/domains/changnooy.city.zone` written
[debug] Generating dns config for changnooy.city
[information] `/etc/bind/domains/huahin.vin.zone` written
[debug] Generating dns config for huahin.vin
[information] `/etc/bind/domains/grallator.com.zone` written
[debug] Generating dns config for grallator.com
[information] froxlor_bind.conf written
[information] Bind daemon reloaded
[information] Task4 finished
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Sat 31 Oct 2020 11:59:11 AM +07] Already uptodate!
[Sat 31 Oct 2020 11:59:11 AM +07] Upgrade success!
[Sat 31 Oct 2020 11:59:11 AM +07] Installing cron job
4 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
[information] Updated Let's Encrypt certificate for huahin.vin
[information] Updated Let's Encrypt certificate for changnooy.city
[information] Updated Let's Encrypt certificate for changnooi.city
[information] Let's Encrypt certificates have been updated
[information] apache::createIpPort: creating ip/port settings for  103.22.183.243:80
[notice] 103.22.183.243:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] 103.22.183.243:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  103.22.183.243:443
[debug] 103.22.183.243:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 11, customer changnooy
[information] apache::createVirtualHosts: creating vhost container for domain 10, customer changnooy
[information] apache::createVirtualHosts: creating vhost container for domain 8, customer huahin
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php7.4-fpm restart
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 3 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 3 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 3 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid

 

 

 

 

 

 

 

 

Link to post
Share on other sites
  • 0

at this moment the update of the expired certificated for huahin.vin does not work. But I created 2 other new  domains 3 days ago and it created them fine. i found this renew issue on my other servers as well. After I manually disable ssl and then enable it, it eventually renewed it.

ssl.png

Link to post
Share on other sites
  • 0

This is what I found out now:

when I enter to the /root/.acme.sh folder  and run the script there called  acme.sh with parameter --renew-all

It works!!

Example:

# ./acme.sh --renew-all

 

Link to post
Share on other sites
  • 0

i did not find any instruction in the configuration guide

only i see this for cronjob:

/usr/bin/php /var/www/froxlor/scripts/froxlor_master_cronjob.php --run-task 99
/etc/init.d/cron reload

 

Link to post
Share on other sites
  • 0

and this is my /etc/cron.d/froxlor file:

 

root@grallator /etc/cron.d/ # cat froxlor
# automatically generated cron-configuration by froxlor
# do not manually edit this file as it will be re-generated periodically.
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null
0 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --traffic 1> /dev/null
5 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --usage_report 1> /dev/null
0 */6 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --mailboxsize 1> /dev/null
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt 1> /dev/null
10 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --backup 1> /dev/null

 

Link to post
Share on other sites
  • 0

the cronjob installs acme.sh and it installs the cronjob if not exists. You can verify that the acme.sh cronjob is installed by typing "crontab -e" in the shell as root user. It should show something like 

2 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...