Hello, please go to the Cron interface to view the log of the task "Renew Let's Encrypt Certificate"
not able to renew SSL certificates on the website
|-The domain name skipped this time: ['hitrust.com.sg', '*.hitrust.com.sg'], because the last renewal failed, you still need to wait 0 hours and try again
|-The website has been suspended, skip certificate renewal!
|-No SSL certificate found within 30 days!
|-All tasks have been processed!
★[2024-06-03 00:10:01] Successful
|-The website has been suspended, skip certificate renewal!
|-A total of 1 certificates need to be renewed
|-Renew the visa certificate and start checking the environment
|-Renewing certificate number of 1,domain: ['hitrust.com.sg', '*.hitrust.com.sg']..
|-Creating order..
/www/server/panel/class/acme_v2.py:1220: DeprecationWarning: sign() is deprecated. Use the equivalent APIs in cryptography.
return OpenSSL.crypto.sign(pk, message.encode("utf8"), self._digest)
|-Getting verification information..
|-Verification type: dns-01
|-Verifying domain name..
|-Attempt to verify DNS records locally, domain name: _acme-challenge.hitrust.com.sg, type: TXT record value: 5EI8rgQ8fdKB0vPanMjGheCw-QYtPf4bfszhtoeE8tw
/www/server/panel/class/acme_v2.py:1016: DeprecationWarning: please use dns.resolver.resolve() instead
ns = dns.resolver.query(domain, s_type)
|-Number of verifications: 1, value: 5EI8rgQ8fdKB0vPanMjGheCw-QYtPf4bfszhtoeE8tw
|-Local authentication succeeded!
|-1 Query verification results..
|-Verification succeeded!
|-Sending CSR..
/www/server/panel/class/acme_v2.py:1050: DeprecationWarning: X509Extension support in pyOpenSSL is deprecated. You should use the APIs in cryptography.
OpenSSL.crypto.X509Extension(
|-Downloading certificate..
|-Failed to download certificate: {'type': 'urn:ietf:params:acme:error:malformed', 'detail': 'Certificate not found', 'status': 404}
★[2024-06-04 00:10:43] Successful
|-The domain name skipped this time: ['hitrust.com.sg', '*.hitrust.com.sg'], because the last renewal failed, you still need to wait 0 hours and try again
|-The website has been suspended, skip certificate renewal!
|-No SSL certificate found within 30 days!
|-All tasks have been processed!
★[2024-06-03 00:10:01] Successful
|-The website has been suspended, skip certificate renewal!
|-A total of 1 certificates need to be renewed
|-Renew the visa certificate and start checking the environment
|-Renewing certificate number of 1,domain: ['hitrust.com.sg', '*.hitrust.com.sg']..
|-Creating order..
/www/server/panel/class/acme_v2.py:1220: DeprecationWarning: sign() is deprecated. Use the equivalent APIs in cryptography.
return OpenSSL.crypto.sign(pk, message.encode("utf8"), self._digest)
|-Getting verification information..
|-Verification type: dns-01
|-Verifying domain name..
|-Attempt to verify DNS records locally, domain name: _acme-challenge.hitrust.com.sg, type: TXT record value: 5EI8rgQ8fdKB0vPanMjGheCw-QYtPf4bfszhtoeE8tw
/www/server/panel/class/acme_v2.py:1016: DeprecationWarning: please use dns.resolver.resolve() instead
ns = dns.resolver.query(domain, s_type)
|-Number of verifications: 1, value: 5EI8rgQ8fdKB0vPanMjGheCw-QYtPf4bfszhtoeE8tw
|-Local authentication succeeded!
|-1 Query verification results..
|-Verification succeeded!
|-Sending CSR..
/www/server/panel/class/acme_v2.py:1050: DeprecationWarning: X509Extension support in pyOpenSSL is deprecated. You should use the APIs in cryptography.
OpenSSL.crypto.X509Extension(
|-Downloading certificate..
|-Failed to download certificate: {'type': 'urn:ietf:params:acme:error:malformed', 'detail': 'Certificate not found', 'status': 404}
★[2024-06-04 00:10:43] Successful
Hi, can you give us your aapanel information? The server makes a snapshot backup first, if possible, please send it to kern@aapanel.com.
It is recommended to fill in the following
Post link:
SSH IP address, account password and port:
aapanel login link address and account password:
Detailed problem description:
No post link will not be able to know which user's information is, and the problem will not be processed
3 months later
I am facing similar problems, as I reported here: https://www.aapanel.com/forum/d/19981-problems-to-auto-renew-ssl-certificates-lets-encrypt/7
The problems is present since, at least, aaPanel version 6.8.36.
Now I am running version 7.0.8. What the cron logs register changed a little, but the problem still is there.
The cron logs are registering the certificates were renewed, but they were not.
Maybe the renewed certificates are saved in the wrong location.
I did the manual renew of SSL certificates a couple of times, but after 2 months, the certificates were not renewed again.
Now, in version 7.0.8 seems there is no more button to manual renew the SSL certificate.
- Edited
Hello, since the SSL Certificate brand has changed, it is currently not supported. This issue will be optimized in the future.
I have the same issues with the auto SSL certificate renewal via Cron. its logs said that it said.
No SSL certificate found within 30 days! This is my domain list 
I also had my manual renewal SSL certificate which I wish to renew all certificates that are below 30 days on Cron. it happened to install the panel SSL. However, the expired date on the list is not updated yet.
Cron logs
----------------------------------------------------------------------------
|-A total of 1 certificates need to be renewed
|-Renew the visa certificate and start checking the environment
[]
|-Renewing certificate number of 1,domain: ['aapanel.localdomain']..
|-Creating order..
|-Getting verification information..
|-Verify the dir:/www/wwwroot/panel_ssl_site/.well-known/acme-challenge
|-Verification type: http-01
|-Verifying domain name..
|-1 Query verification results..
|-Verification succeeded!
|-Sending CSR..
|-Downloading certificate..
|-Renewed successfully!!
----------------------------------------------------------------------
----------------------------------------------------------------------------
★[2024-08-25 08:32:36] Successful
----------------------------------------------------------------------------
|-No SSL certificate found within 30 days!
|-All tasks have been processed!
----------------------------------------------------------------------------I did to renew another SSL certificate by manually execute the Cron task once again and no renewal actions for another domains
★[2024-08-25 08:33:51] Successful
----------------------------------------------------------------------------
|-No SSL certificate found within 30 days!
|-All tasks have been processed!
----------------------------------------------------------------------------Kindly please check why this happened?
Hi, can you give us your aapanel information? The server makes a snapshot backup first, if possible, please send it to kern@aapanel.com.
It is recommended to fill in the following
Post link:
SSH IP address, account password and port:
aapanel login link address and account password:
Detailed problem description:
No post link will not be able to know which user's information is, and the problem will not be processed
aaPanel_Kern
Hi, Kern
I just updated my info to your email now. Please kindly proceed and reply me back with your public IP so I can allow access to the server.
Thank you.
Hello, we have received your email and logged in successfully
aaPanel_Kern
Thank you, Kern
Please let me know your update on this issue. Thank you
Hi, thanks for your information. Currently, the developer can see from the database that you use DNS verification and manually resolve domain name records. This will not automatically renew.
DNS verification requires the use of DNS API to automatically renew
all my domain names were using DNS Verification and fully manual by DNS manager in aaPanel.
Am I going to manually renew the SSL Certificate or reissue the SSL certificate using File Verification one by one?
I just want the method that could help me enable auto-renew certificate of my domain name in the future.
Hello, please do not use a DNS manager. Use the domain name provider’s website directly to manage domain names.
Use file verification, or use the CloudFlare API with DNS verification
Okay, I understand this one. However, if it is possible to make this works to use domain with DNS manager. I appreciated it so much. Thanks @aaPanel_Kern
4 months later
Hello, please help me with certificate updates. Certificates for all domains are not updated. The update hangs on the first certificate with this log.
Hello, thank you for your feedback, we will optimize this issue
You can also try to renew SSL manually in the website
12 days later
@aaPanel_Kern since Lets Encrypt SSL autorenewal in cronjob (/www/server/panel/pyenv/bin/python -u /www/server/panel/class/acme_v2.py --renew=1) has not been working for sometime now (the log shows successful renewal message but the SSL is not updated) is there any work around to this to make it automated? or a command that can be used to put into custom cron job?
For example, since manual renewal works fine, what is the manual bash command that can we use to put into cronjob?
Other than that, is there any ETA when you fix the cronjob for Let's Encrypt SSL autorenewal?
I had this issue with 6.8.x, upgraded to 7.0.13 and the issue remains the same.
Hello, it is recommended that you renew manually first. Is this normal?
Are you using DNS verification or http verification?