Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
Notifications upon acme auto-renewal failures
« previous
next »
Print
Pages: [
1
]
Author
Topic: Notifications upon acme auto-renewal failures (Read 108 times)
dig1234
Newbie
Posts: 2
Karma: 0
Notifications upon acme auto-renewal failures
«
on:
October 31, 2024, 04:01:26 am »
Hello I can't seem to find a way to receive email notification if the acme client fails to auto-renew certificates. Does anyone have ideas? How are you monitoring acme renewals?
Logged
Taomyn
Sr. Member
Posts: 444
Karma: 20
Re: Notifications upon acme auto-renewal failures
«
Reply #1 on:
October 31, 2024, 10:04:23 am »
I have a Zabbix server monitoring all my certificate's expiration dates, and it's occasionally alerted me to a failed ACME renewal, but as you mention, it would be nice for ACME itself to have some way to report problems, if there isn't already some other way that I'm not aware of.
Logged
Seimus
Hero Member
Posts: 598
Karma: 58
Re: Notifications upon acme auto-renewal failures
«
Reply #2 on:
October 31, 2024, 10:09:42 am »
I use Uptime-Kuma for monitoring (among other things), it has as well the possibility to monitor cert expiration for a certain domain/destination.
Regards,
S.
Logged
Networking is love. You may hate it, but in the end, you always come back to it.
OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G -
VM HA(SOON)
N100 - i226-V | Crucial 16G 4800 DDR5 | S 980 500G -
PROD
dig1234
Newbie
Posts: 2
Karma: 0
Re: Notifications upon acme auto-renewal failures
«
Reply #3 on:
October 31, 2024, 06:17:26 pm »
Ok I was able to create a file content Monit alert which looks for Error in the acme log and sends me an email if renewal failed for any reason. I like this because I find out before customers see it... The only thing I don't like is that I had to manually write a file to the box in the /usr/local/etc/monit.opnsense.d folder with the following content:
SET LIMITS {
FILECONTENTBUFFER: 10 MB
}
I'm concerned this file will get lost on updates etc...
In pfsense I was able to use the filer plugin to write custom files from the UI and the changes were stored in the config XML so they persisted across updates/restores. Does anything like that exist for Opnsense?
Aside from that I can post the full solution if anyone wants to replicate it.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
Notifications upon acme auto-renewal failures