Hello!
The auto renew of letsencrypt certificates is not working on my panel. I think this is due the /www/server/panel/vhost/cert/crontab.json file, because it is empty. Is there a way of re-generating this file?
SSL auto renew not working
Hello, this correct renewal script, you can try it
/www/server/panel/pyenv/bin/python /www/server/panel/class/acme_v2.py --renew=1
Hello,
If I execute the command I get the error |-No SSL certificate found within 30 days! but I know that I have one certificate that needs renewal.
The_Markus
For users upgrading from the old version to the new version, you need to manually click on the renewal of the visa to automatically renew it, because the certificate application module has been restructured
Ok so is there a way of getting the autorenew to work again?
The_Markus
Only need to manually renew the registration, the system will record your visa information, you can automatically renew in the future
Yeah I renewed the certificates manually but when they expire there is no autorenew for them
The_Markus
You can check whether there is a domain name in the file that needs to be renewed automatically
/www/server/panel/config/letsencrypt.json
11 days later
Hello,
Some of the entries under "orders" have the status active and some have pending. The pending ones are expired and are not getting renewed automatically
The_Markus
You can manually update all the certificates that need to be updated first, and then they will be updated automatically.
I found that a pending entry was no longer an active site and deleted it, I will try if it works now
6 months later
I seem to be getting the same issue. I have tried manually several times but it just wont renew.
My next option is to just delete it and start over.
Any other suggestions before I do that?
Also, where are the logs stored for that action. It would be good to review them but they disapear.
So I went ahead and deleted the SSL cert and everything is working now. I still have the issue on several websites but I would love to understand the problem.
The other question I have is whenever I do a DNS verification the verification TXT record will change when I move away from the screen. This is kind of a pain because if my TTL is long I have to wait a very long period of time and have to stay on that screen. Would it make more sense to set that TXT record once so I could come back to it. And then give me the option to recycle that DNS verification if I wanted to?
Thanks!
Ok, took a little digging but I think I figured it out...
First, I noticed the DNS records didn't appear to match. Took a couple print screens so it would be nice to know where the logs are...
What I am realizing is that I moved this website from one server to another and all I did was copy and paste the SSL cert info so it worked the first time. But in the key the DNS validation is obviously stored.
My solution was to just delete the cert and reissue.
Hope this may help someone else.
Hello!
On my cloudflare account there are 32 domains. When I try renew then certificate (manually or cron job) an error happens becouse the API request return only 20 domains per pagination.
{
"status": false,
"msg": "Error unable to get DNS zone for domain_name=example.com: status_code=200 response=CLOUDFLARE_API_RESPONSE"
} Following there is the CLOUDFLARE_API_RESPONSE
{
"result": [
{
"id": "7fh7s6h7s6s76j6s7j",
"name": "example.net",
"status": "active",
"paused": false,
"type": "full",
"development_mode": 0,
"name_servers": ["jhon.ns.cloudflare.com", "mary.ns.cloudflare.com"],
"original_name_servers": ["a.auto.dns.br", "b.auto.dns.br"],
"original_registrar": null,
"original_dnshost": null,
"modified_on": "2020-06-16T16:36:07.497069Z",
"created_on": "2020-06-16T14:31:34.296159Z",
"activated_on": "2020-06-16T16:36:07.497069Z",
"meta": {
"step": 2,
"wildcard_proxiable": false,
"custom_certificate_quota": 0,
"page_rule_quota": 3,
"phishing_detected": false,
"multiple_railguns_allowed": false
},
"owner": {
"id": "67d6h7adh7adhd5h6sd5h5e4dea46c0",
"type": "user",
"email": "my.account@gmail.com"
},
"account": {
"id": "67d6h7adh7adhd5h6sd5h5e4dea46c0",
"name": "Company Account"
},
"permissions": [...],
"plan": {
"id": "0feeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
"name": "Free Website",
"price": 0,
"currency": "USD",
"frequency": "",
"is_subscribed": false,
"can_subscribe": false,
"legacy_id": "free",
"legacy_discount": false,
"externally_managed": false
}
},
...
],
"result_info": {
"page": 1,
"per_page": 20,
"total_pages": 2,
"count": 20,
"total_count": 32
},
"success": true,
"errors": [],
"messages": []
}the cloudflare's tokens option instead email and global api key will be a great feature 
On file /www/server/panel/class/panelDnsapi.py at line 204 I replaced
from
url = urljoin(self.CLOUDFLARE_API_BASE_URL, "zones?status=active")to
url = urljoin(self.CLOUDFLARE_API_BASE_URL, "zones?status=active&name={0}".format(domain_name))and works perfectly
2 months later
Hello!
I found a new issue. Let's Encrypt isn't renewing through file verification when "Force HTTPS" option is enabled.
I'm using aaPanel LinuxStable 6.8.6 and Nginx 1.18.0
sifyuyuspi
Do you manually click to renew or in the cron?
- Edited
aaPanel_Jose the certificates have not been renewed automatically. when I'm going to renew automatically, I need to disable the option "force HTTPS" to renew manually.
I don't know what is causing the bug, but I suspect that the automatic renewal (which is configured in cron) is not working because HTTPS is forced.
Keep the "force HTTPS" option disabled should not be an alternative. When forcing HTTPS, this should make an exception for /.well-known/acme-challenge, so Let's Encrypt validate de certificate in HTTP protocol at port 80