Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Let's encrypt renewal automation
« previous
next »
Print
Pages: [
1
]
Author
Topic: Let's encrypt renewal automation (Read 3071 times)
tre4bax
Full Member
Posts: 151
Karma: 4
Let's encrypt renewal automation
«
on:
May 04, 2021, 12:04:18 pm »
Hi there,
My Let's encrypt certificate never auto renews and I am not sure why. I have to do this manually every time which is extremely tedious! I wonder if I have something set wrong in the schedule page or something. Could someone share the settings they use to make sure this works?
Logged
Maurice
Hero Member
Posts: 1184
Karma: 148
Re: Let's encrypt renewal automation
«
Reply #1 on:
May 05, 2021, 12:00:01 am »
Make sure auto renewal is enabled globally (Services: Let's Encrypt: Settings) as well as in the certificate settings. Check the cron job (System: Settings: Cron). Default is minutes 0 / hours 0 and * / * / * for the rest, which means it runs daily at midnight. Search the log (System: Log Files: General) for 'AcmeClient'. Should log messages about renewal being required or not.
Cheers
Maurice
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Available for commercial support & engineering. PM for details (en / de).
tre4bax
Full Member
Posts: 151
Karma: 4
Re: Let's encrypt renewal automation
«
Reply #2 on:
May 05, 2021, 10:17:58 am »
Thanks Maurice,
Auto renewal is definitely on. I checked Chron and found that I had two jobs in there. Not sure why and I removed one of them.
Checked the logs and there are no references to AcmeClient.
I will leave it for a couple of days incase removing one of those entries makes it work and then report back in again if it is still not doing anything :-)
Logged
Maurice
Hero Member
Posts: 1184
Karma: 148
Re: Let's encrypt renewal automation
«
Reply #3 on:
May 05, 2021, 12:23:50 pm »
There were some bugs and related fixes for auto renewal in the past. If this is an older setup, disabling and re-enabling auto renewal might help.
Cheers
Maurice
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Available for commercial support & engineering. PM for details (en / de).
tre4bax
Full Member
Posts: 151
Karma: 4
Re: Let's encrypt renewal automation
«
Reply #4 on:
May 07, 2021, 10:48:17 am »
Ta Maurice,
It has been around a while, probably set it up a couple of years ago and got fed up with manually resetting the certificate so I've been using Self generated instead. Decided that I should be doing this properly so hence why relooking.
I have tried disabling and reenabling. It definitely removed the chron job between so hopefully this will fix.
Logged
tre4bax
Full Member
Posts: 151
Karma: 4
Re: Let's encrypt renewal automation
«
Reply #5 on:
May 08, 2021, 10:55:45 am »
Just checked and still no events in General that have ACme in them at all. There are some in Backend but they seem to relate to the Opnsense UI.
I'm going to clear the logs and do it all again and then see what I see.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Let's encrypt renewal automation