Let's Encrypt renewal automation

Started by tre4bax, May 04, 2021, 12:04:18 PM

Hi there,

My Let's Encrypt certificate never auto renews and I am not sure why. I have to do this manually every time which is extremely tedious! I wonder if I have something set wrong in the schedule page or something. Could someone share the settings they use to make sure this works?

Make sure auto renewal is enabled globally (Services: Let's Encrypt: Settings) as well as in the certificate settings. Check the cron job (System: Settings: Cron). Default is minutes 0 / hours 0 and * / * / * for the rest, which means it runs daily at midnight. Search the log (System: Log Files: General) for 'AcmeClient'. Should log messages about renewal being required or not.

Cheers

Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).

Thanks Maurice,

Auto renewal is definitely on. I checked Cron and found that I had two jobs in there. Not sure why and I removed one of them.

Checked the logs and there are no references to AcmeClient.

I will leave it for a couple of days in case removing one of those entries makes it work and then report back in again if it is still not doing anything :-)

There were some bugs and related fixes for auto renewal in the past. If this is an older setup, disabling and re-enabling auto renewal might help.

Cheers

Maurice

Ta Maurice,

It has been around a while, probably set it up a couple of years ago and got fed up with manually resetting the certificate so I've been using self-generated instead. Decided that I should be doing this properly so hence why relooking.

I have tried disabling and re-enabling. It definitely removed the cron job between so hopefully this will fix.

Just checked and still no events in General that have Acme in them at all. There are some in Backend but they seem to relate to the OPNsense UI.

I'm going to clear the logs and do it all again and then see what I see.