It is currently Thu Apr 26, 2018 9:03 pm
All times are UTC + 8 hours

letsencrypt auto update

This is where you can find the latest ADM official release. Feel free to discuss any questions regarding it here.

letsencrypt auto update

Postby ho66es » Wed Sep 06, 2017 2:50 am

Hi,

latest adm on my 608t and letsencrypt fails to auto update despite having option selected and the cert expiring at the end of august.

any ideas how to force it? happy to use terminal

cheers
608t
ho66es
 
Posts: 475
Joined: Wed Mar 13, 2013 5:38 am

Re: letsencrypt auto update

Postby Kapitein Haak » Wed Sep 06, 2017 3:43 pm

Hello ho66es,

I found this viewtopic.php?f=27&t=8939&p=28667&hilit=encrypt#p28667 thread which manually updated the certificate (ADM 2.7.x). Maybe it will still work.

Best regards,
Kapitein Haak.
"What would the world be like without Captain Hook?"
---
"Homo sapiens non urinat in ventum" (A wise man doesn't piss into the wind), only in Amsterdam:
https://www.google.nl/maps/@52.36289,4. ... 312!8i6656
User avatar
Kapitein Haak
 
Posts: 331
Joined: Tue Oct 15, 2013 2:40 pm
Location: Stranded on the Dutch coast.

Re: letsencrypt auto update

Postby ho66es » Wed Sep 06, 2017 11:37 pm

sadly that appeared to do nothing :(
608t
ho66es
 
Posts: 475
Joined: Wed Mar 13, 2013 5:38 am

Re: letsencrypt auto update

Postby Kapitein Haak » Thu Sep 07, 2017 2:59 pm

Then it is time to create a ticket with asustor. On my NAS (AS-304) the cronjobs list:
0 0 * * * TAG=CERTIFICATE /usr/builtin/bin/certificate update-cert
30 0 * * * /bin/sh /usr/builtin/sbin/ntpupdate.sh europe.pool.ntp.org
My certificate was updated halfway august (when I was running Beta 5).
"What would the world be like without Captain Hook?"
---
"Homo sapiens non urinat in ventum" (A wise man doesn't piss into the wind), only in Amsterdam:
https://www.google.nl/maps/@52.36289,4. ... 312!8i6656
User avatar
Kapitein Haak
 
Posts: 331
Joined: Tue Oct 15, 2013 2:40 pm
Location: Stranded on the Dutch coast.

Re: letsencrypt auto update

Postby jauling » Thu Jan 04, 2018 11:46 pm

does auto update work in ADM 3.1?

My certificate expired an hour ago, and ADM 3.0.1 did NOT auto update :(
jauling
 
Posts: 29
Joined: Wed Feb 01, 2017 1:34 am
Location: Amsterdam

Re: letsencrypt auto update

Postby joe » Sat Jan 06, 2018 3:31 am

I have a related thread here: viewtopic.php?f=23&t=6576&p=30257#p30257

My certificate auto renew recently failed but I believe a renewal may have been attempted and the renewal failure was caused by port 80 being closed to the NAS. That's a complete guess mind you because I'm unable to find any trace of any log anywhere that details why the cert renewal failed or if indeed it was even attempted. It's this that I'm trying to extract out of asustor support right now: "Are there any log files maintained around certificate maintenance time?"
joe
 
Posts: 54
Joined: Fri Feb 28, 2014 2:59 am

Re: letsencrypt auto update

Postby Kapitein Haak » Mon Jan 08, 2018 4:48 pm

Hello Joe,

AFAIK let's encrypt will verify your certificate by reading a requested file from your webserver. For some obscure reason (people want a certificate for https, not http), the file is checked on http. So, closing port 80 will stop auto renewal.

Best regards,
Kapitein Haak.
"What would the world be like without Captain Hook?"
---
"Homo sapiens non urinat in ventum" (A wise man doesn't piss into the wind), only in Amsterdam:
https://www.google.nl/maps/@52.36289,4. ... 312!8i6656
User avatar
Kapitein Haak
 
Posts: 331
Joined: Tue Oct 15, 2013 2:40 pm
Location: Stranded on the Dutch coast.

Re: letsencrypt auto update

Postby joe » Mon Jan 08, 2018 5:16 pm

Hi Kapitein Haak,

Yes I'm aware that port 80 needs to be open for let's encrypt cert renewal to work successfully and that's why closing this port is a solid method to force a renewal failure.

I think you're missing the point that I'm trying to make and not seeing the thing that I'm trying to extract from asustor support at the moment: "in the event of a cert renewal failure, is anything logged anywhere?"
joe
 
Posts: 54
Joined: Fri Feb 28, 2014 2:59 am

Re: letsencrypt auto update

Postby Kapitein Haak » Mon Jan 08, 2018 5:30 pm

Ahh, if that is the case, you should log a support call at support.asustor.com. The Asustor employees aren't very active on these forums.

Best regards,
Kapitein Haak.
"What would the world be like without Captain Hook?"
---
"Homo sapiens non urinat in ventum" (A wise man doesn't piss into the wind), only in Amsterdam:
https://www.google.nl/maps/@52.36289,4. ... 312!8i6656
User avatar
Kapitein Haak
 
Posts: 331
Joined: Tue Oct 15, 2013 2:40 pm
Location: Stranded on the Dutch coast.

Re: letsencrypt auto update

Postby joe » Mon Jan 08, 2018 5:40 pm

yes already done mate and it would appear that they're not too hot when you ask support questions directly either..
joe
 
Posts: 54
Joined: Fri Feb 28, 2014 2:59 am

Next

Return to [Official] For AS-6XX Series

  • You cannot post new topics in this forum
    You cannot reply to topics in this forum
    You cannot edit your posts in this forum
    You cannot delete your posts in this forum
    You cannot post attachments in this forum
  • Who is online

    Users browsing this forum: No registered users and 1 guest