Trying to figure out what's going on with this one...

Was running an older version that I guess had some issues with Let's Encrypt renewals, and back then to "fix" it the easiest option was to nuke existing certs and let the panel/ACME.sh recreate them. After nuking the cert for the panel itself, froxlor seems to no longer be able to create a config for the "Enable Let's Encrypt for the froxlor vhost" option.

I've toggled it on and off, but that hasn't done anything.

Here's a debug run of the cron job:

[root@php8 /usr/local/www]# /usr/local/bin/php -q /usr/local/www/froxlor/bin/froxlor-cli froxlor:cron 'tasks' --debug --force
Checking froxlor file permissions...OK
Running "tasks" job (forced) (debug)
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Sun Sep 10 19:02:01 EDT 2023] Already uptodate!
[Sun Sep 10 19:02:01 EDT 2023] Upgrade success!
[Sun Sep 10 19:02:01 EDT 2023] Installing cron job
59 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
[Sun Sep 10 19:02:01 EDT 2023] Changed default CA to: https://acme-v02.api.letsencrypt.org/directory
[error] Could not find file 'example1.com.cer' in '/root/.acme.sh/example1.com/'
[error] Could not find file 'ca.cer' in '/root/.acme.sh/example1.com/'
[error] Could not find file 'fullchain.cer' in '/root/.acme.sh/example1.com/'
[error] Could not find file 'example1.com.csr' in '/root/.acme.sh/example1.com/'
[error] Could not get Let's Encrypt certificate for sprickman.com:

[information] Updated Let's Encrypt certificate for example2.com
[information] Let's Encrypt certificates have been updated
[information] apache::createIpPort: creating ip/port settings for  10.10.10.10:80
[debug] 216.220.96.55:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  10.10.10.10:443
[debug] 216.220.96.55:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 4, customer example2
[information] apache::createVirtualHosts: creating vhost container for domain 5, customer example3
[information] apache::createVirtualHosts: creating vhost container for domain 2, customer example1
[information] apache::createVirtualHosts: creating vhost container for domain 6, customer example3
[information] apache::createVirtualHosts: creating vhost container for domain 1, customer example1
[information] apache::writeConfigs: rebuilding /usr/local/etc/apache24/froxlor-diropts/
[information] apache::writeConfigs: rebuilding /usr/local/etc/apache24/froxlor-htpasswd/
[information] apache::writeConfigs: rebuilding /usr/local/etc/apache24/froxlor-vhosts/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php-fpm restart
[10-Sep-2023 19:02:01] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful

[10-Sep-2023 19:02:01] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful

[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
Syntax OK
Syntax OK
[notice] Checking system's last guid
[root@php8 /usr/local/www]#

Removing and adding an SSL cert for a test user/domain works fine. No changes to the froxlor panel vhost after this though.

I'm digging around in the db, but not yet seeing anything obvious there to recreate this.

after removing the certiticate from froxlor try also removing it from acme.sh itself (for a fresh restart):

/root/.acme.sh/acme.sh --remove -d [domain]

 

Didn't get a chance to try that, I instead pulled an old db backup and grabbed the "domain_ssl_settings" table and inserted the old froxlor vhost entry from there. That seems to have fixed things.

Perhaps that cert shouldn't have a "delete" option next to it if there's no (simple) path to recovery?

Did you want any other info or no?

No, all good. The delete option for let's encrypt certificates will be removed (they are removed when deactivated)