Jump to content
Froxlor Forum
  • 0

Let's Encrypt per domain being strangely deactivated.



froxlor v2.0.13-1 (on Unbut 20.04 LTS) - basically all is well, yet if acme.sh updates the LE certs via its own root-owned cronjob in the middle of the night, the froxlor cronjob somhow doesn't find those certs to be new - until - we look into each domain that suffers from this problem and see LE is deactived for this domain.

We're quite sure neither us nor the user did this, I guess it's probably some domain test by froxlor gone bad, but if there was a problem we didn't get notified nor anyone else gets notified except for the LE certs silently expiring.

Could there be another way to handle such cases, ie to recover from a temporarly failure?

Link to comment
Share on other sites

1 answer to this question

Recommended Posts

  • 0

if you activate Let's Encrypt and the cronjob fails to obtain a certificate due to errors (most likely domain does not resolv to server ip or the alias to /.well-known/acme-challenge/ does not work) froxlor deactivates let's encrypt for the domain to avoid running into rateLimits and being blocked

As we cannot know whether it's an "temporary" failure or not, this is currently the safest way not to get into any rateLimit. I agree, there should be some kind of information towards the admin if this happens

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...