ASUSTOR Community Forum

Hi,

latest adm on my 608t and letsencrypt fails to auto update despite having option selected and the cert expiring at the end of august.

any ideas how to force it? happy to use terminal

cheers

Hello ho66es,

I found this viewtopic.php?f=27&t=8939&p=28667&hilit=encrypt#p28667 thread which manually updated the certificate (ADM 2.7.x). Maybe it will still work.

Best regards,
Kapitein Haak.

sadly that appeared to do nothing

Then it is time to create a ticket with asustor. On my NAS (AS-304) the cronjobs list:
0 0 * * * TAG=CERTIFICATE /usr/builtin/bin/certificate update-cert
30 0 * * * /bin/sh /usr/builtin/sbin/ntpupdate.sh europe.pool.ntp.org
My certificate was updated halfway august (when I was running Beta 5).

does auto update work in ADM 3.1?

My certificate expired an hour ago, and ADM 3.0.1 did NOT auto update

I have a related thread here: viewtopic.php?f=23&t=6576&p=30257#p30257

My certificate auto renew recently failed but I believe a renewal may have been attempted and the renewal failure was caused by port 80 being closed to the NAS. That's a complete guess mind you because I'm unable to find any trace of any log anywhere that details why the cert renewal failed or if indeed it was even attempted. It's this that I'm trying to extract out of asustor support right now: "Are there any log files maintained around certificate maintenance time?"

Hello Joe,

AFAIK let's encrypt will verify your certificate by reading a requested file from your webserver. For some obscure reason (people want a certificate for https, not http), the file is checked on http. So, closing port 80 will stop auto renewal.

Best regards,
Kapitein Haak.

Hi Kapitein Haak,

Yes I'm aware that port 80 needs to be open for let's encrypt cert renewal to work successfully and that's why closing this port is a solid method to force a renewal failure.

I think you're missing the point that I'm trying to make and not seeing the thing that I'm trying to extract from asustor support at the moment: "in the event of a cert renewal failure, is anything logged anywhere?"

Ahh, if that is the case, you should log a support call at support.asustor.com. The Asustor employees aren't very active on these forums.

Best regards,
Kapitein Haak.

yes already done mate and it would appear that they're not too hot when you ask support questions directly either..