[solved] Problem with certificate update

I am running a Nethserver 7.9.2009 with automatic updates enabled and an active subscription.

There is a problem renewing the certificates:
echo '{"props":{"LetsEncryptMail":"","LetsEncryptDomains":"ourdomain.tld,mail.ourdomain.tld,ad.ourdomain.tld,cloud.ourdomain.tld","LetsEncryptRenewDays":"30"},"action":"lets-encrypt"}' | /usr/bin/setsid /usr/bin/sudo /usr/libexec/nethserver/api/system-certificate/update | jq
{
"steps": 6,
"pid": 13377,
"args": "",
"event": "certificate-update"
}
{
"step": 1,
"pid": 13377,
"action": "S05generic_template_expand",
"event": "certificate-update",
"state": "running"
}
{
"progress": "0.17",
"time": "0.235838",
"exit": 0,
"event": "certificate-update",
"state": "done",
"step": 1,
"pid": 13377,
"action": "S05generic_template_expand"
}
{
"step": 2,
"pid": 13377,
"action": "S20nethserver-cockpit-conf",
"event": "certificate-update",
"state": "running"
}
{
"progress": "0.33",
"time": "0.113333",
"exit": 0,
"event": "certificate-update",
"state": "done",
"step": 2,
"pid": 13377,
"action": "S20nethserver-cockpit-conf"
}
{
"step": 3,
"pid": 13377,
"action": "S30nethserver-openvpn-crl",
"event": "certificate-update",
"state": "running"
}
{
"progress": "0.50",
"time": "0.025006",
"exit": 0,
"event": "certificate-update",
"state": "done",
"step": 3,
"pid": 13377,
"action": "S30nethserver-openvpn-crl"
}
{
"step": 4,
"pid": 13377,
"action": "S80push2router",
"event": "certificate-update",
"state": "running"
}
{
"progress": "0.67",
"time": "0.360995",
"exit": 256,
"event": "certificate-update",
"state": "done",
"step": 4,
"pid": 13377,
"action": "S80push2router"
}
{
"step": 5,
"pid": 13377,
"action": "S90adjust-services",
"event": "certificate-update",
"state": "running"
}
{
"progress": "0.83",
"time": "1.29978",
"exit": 0,
"event": "certificate-update",
"state": "done",
"step": 5,
"pid": 13377,
"action": "S90adjust-services"
}
{
"step": 6,
"pid": 13377,
"action": "S99nethserver-httpd-admin-asyncreload",
"event": "certificate-update",
"state": "running"
}
{
"progress": "1.00",
"time": "0.005274",
"exit": 0,
"event": "certificate-update",
"state": "done",
"step": 6,
"pid": 13377,
"action": "S99nethserver-httpd-admin-asyncreload"
}
{
"pid": 13377,
"status": "failed",
"event": "certificate-update"

I think it could be related to this?

I also tried to renew again after a Nethserver reboot. After that, I encountered a message while trying on the console that I have renewed too often, so I tried temporarily removing one of the domains to work around the mentioned error. However, it still does not work.

Furthermore, on the certificate page I see that I now have two certificates, one on the standard path:

/etc/letsencrypt/live/ourdomain.tld/cert.pem and one on
/etc/letsencrypt/live/ourdomain.tld-0001/cert.pem

How can those problems be fixed? I’d like to be able to renew my certs and I’d like to get rid of the -0001 thingy.

On Softwarecenter I see about 100 updates available, but I don’t think it’s wise to update them all. Maybe someone could tell me if there is a relevant update that I can issue manually to solve this?

Furthermore, I would be very glad to get instructions on how to correct my certificate problem so I can get a new one and update it to my OPNsense router asap so our roadwarriors will again be able to connect to our systems.

Once I fixed my other problem with my push-to-router script, which copies the letsencrypt cert to my router and to my PDC, I created an additional virtual host on Nethserver and a corresponding DNS entry in my hoster’s DNS editor to temporarily circumvent the problem of having requested certificates too often, and added the additional host.ourdomain.tld to the letsencrypt certificate request. I then moved the archive, live and renewal folders under /letsencrypt/ as described in this post and re-requested a new certificate. -> solved

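As an added example (not from the thread and not NethServer's own code), this Python script reads an event stream like the one pasted in the first post and lists the steps that finished with a non-zero exit, which is how the S80push2router failure can be picked out even when the final object is cut off. The sample input is constructed, and treating 256 as a wait-style status (exit code 1) is an assumption.

```python
import json

# Constructed sample in the shape of the certificate-update output above,
# shortened to two steps; the last object is cut off like the paste.
SAMPLE = '''
{"steps": 2, "pid": 13377, "args": "", "event": "certificate-update"}
{"step": 1, "pid": 13377, "action": "S05generic_template_expand",
 "event": "certificate-update", "state": "running"}
{"progress": "0.50", "time": "0.23", "exit": 0, "event": "certificate-update",
 "state": "done", "step": 1, "pid": 13377, "action": "S05generic_template_expand"}
{"step": 2, "pid": 13377, "action": "S80push2router",
 "event": "certificate-update", "state": "running"}
{"progress": "1.00", "time": "0.36", "exit": 256, "event": "certificate-update",
 "state": "done", "step": 2, "pid": 13377, "action": "S80push2router"}
{"pid": 13377, "status": "failed", "event": "certificate-update"
'''


def iter_objects(text):
    """Yield each JSON object of a concatenated stream; stop at a truncated tail."""
    decoder = json.JSONDecoder()
    pos = 0
    while True:
        while pos < len(text) and text[pos].isspace():
            pos += 1
        if pos >= len(text):
            return
        try:
            obj, pos = decoder.raw_decode(text, pos)
        except json.JSONDecodeError:
            return  # incomplete final object: nothing more can be parsed
        yield obj


def failed_steps(text):
    """Return (step, action, raw_exit, exit_code) for each finished step that failed."""
    failures = []
    for obj in iter_objects(text):
        if obj.get("state") == "done" and obj.get("exit", 0) != 0:
            raw = obj["exit"]
            # Assumption: values >= 256 are wait(2)-style statuses whose
            # high byte holds the script's exit code (256 -> 1).
            code = raw >> 8 if raw >= 256 else raw
            failures.append((obj["step"], obj["action"], raw, code))
    return failures


if __name__ == "__main__":
    for step, action, raw, code in failed_steps(SAMPLE):
        print(f"step {step} {action}: exit={raw} (exit code {code})")
```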