Hi All, a bit of a weird request. We have a few domains and the LE certs renews fine including the domain name used for the cosole. To use the cert with the console though and pure-ftp with the same cert I need to run ispconfig_update.sh --force and allow the renewal of the certificate and the symlink for pure-ftp which then works fine Is there anyway to automate just these 2 processes so I don't need to manually run it all every couple of months when the LE cert renews Thanks
ISPConfig questions should be posted on ISPConfig forum. Start with this to get some context: https://forum.howtoforge.com/threads/please-read-before-posting.58408/ Are you doing the symlink manually? ISPConfig should have done that automatically, so something is wrong if that does not happen.
I moved the post to the ISPConfig forum. Like @Taleman mentioned, this happens automatically, so there is no manual ISPConfig run needed. So the question is why it fails on your server and not how to automate an ISPConfig update. Which LE client do you use? Did you set up LE manually or was it set up by ISPConfig and if it was set up by ISPConfig, did you alter that setup in any way? Do you have a website with the exact same hostname of the server where LE is enabled?
Thanks for coming back The subdomain which is the server name was added just to get the ssl on the portal. Before I did the updater the certificate was up to date if I went to the sub domain but when I added the port number to access it showed the old certificate and this was also the certificate pyre-ftp was using, After running ispconfig_update.sh --force it then showed the same certificate expiry date and time of the sub domian
Ok, so you have added a website with that exact subdomain in ISPConfig? Because this can cause issues that the cert does not get renewed and replaced for other services when acme.sh is used as let's encrypt client. That's why it's important that you let us know which let's encrypt client you are using.
Hi Till, sorry yes forgot to add I am just using the built in cert service, I have not install or added anything myself I have the /root/.acme.sh I am running ISPConfig 3.2.8p1 Just added the server as a website which I saw on here somewhere eg. hosting.myserver.com Cert would show correct it https://hosting.myserver.com Cert would show as old cert on https://hosting.myserver.com:8080 After running ispconfig_update.sh --force https://hosting.myserver.com:8080 showed correctly No extra script or anything added and cron is unto date from what I can see with 32 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null * * * * * /usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done * * * * * /usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done
