Good afternoon.
The server constantly sends messages about the expired certificate, you can remove it as it is without affecting the system?
Do you have a letsencrypt? There was a bug but it should be solved.
1 Like
Hi!
my certificates has also expired and doenst get renewed. Thank your suggested article/thread - i will try this out.
Beyond that i think that there is a problem with my configuration…?
Let’s imagine I have set up a domain (sub.domain.name) for the Nethserver with a corresponding Letsencrypt certificate. Now I have set up a domain for a NAS (nas.domain.name) and need a certificate for it. I also added them via the web interface.
In the web interface I have the following output:
If I display the values from the database, something completely different comes out:
--->8---
pki=configuration
CertificateDuration=3650
ChainFile=/etc/letsencrypt/live/sub.domain.name/chain.pem
CommonName=
CountryCode=
CrtFile=/etc/letsencrypt/live/sub.domain.name/cert.pem
EmailAddress=
KeyFile=/etc/letsencrypt/live/sub.domain.name/privkey.pem
LetsEncrypt=disabled
LetsEncryptDomains=nas.domain.name
LetsEncryptMail=mail@info.net
LetsEncryptRenewDays=30
Locality=
Organization=
OrganizationalUnitName=
State=
SubjectAltName=
---8<---
Am I right in assuming that the value for “LetsEncryptDomains” has lost the domain “sub.domain.name”? Why is more displayed on the web interface than is stored in the database?
The certificates are somehow not renewed anymore, so I had to create an additional entry for the NAS domain.
Actually, only one of the bugs I reported was fixed. The mixed case one. The other where the order of the domains in the LetsEncrypt request stops the update remains. See issue 5441 (as LotusGuy) for a full explanation.
Cheers.
2 Likes