Hi,
after a few month of successfull operation there were several occurences this week when connecting to NS8 mattermost app from web, mobile app and api on various devices an “Invalid SSL certificate error” / “ERR_CERT_DATE_INVALID” arised.
According to Settings/TLS certificates all used FQDNs have their certificates obtained.
After about 30 minutes the error self-healed without any changes made to the system.
NS8 cluster is up to date.
Earlier this week I have updated also the underlying Rocky Linux (from ns- repositoriy), if it could have any relation to the problem (?).
I have checked the system time settings
[admin@ns8 ~]$ timedatectl status
Local time: Wed 2025-06-25 15:26:49 UTC
Universal time: Wed 2025-06-25 15:26:49 UTC
RTC time: Wed 2025-06-25 15:26:49
Time zone: UTC (UTC, +0000)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
what seems ok to me, except for Time zone, which I have set accordingly to my geolocation afterwards (Europe/Prague (CEST, +0200)), but the SSL error reoccured later again.
Is there anything else I should check?
Would deteting the certificate and re-obtaining it be helpful?
Thanks
NethServer Version: NS8 Module: mattermost Version 2.2.1
It reapeared now again on several various devices. Seems strange it is caused by their misalignment when they have problems just with this certificate and not any others…
Now I tried to resolve it by deleting the certificate from NS8 GUI with an idea to recreate it again but I’ve got an error:
{"context":{"action":"delete-certificate","data":{"fqdn":"mattermost.twr.cz","type":"internal"},"extra":{"description":"Processing","eventId":"1744a26e-d34b-4be2-a121-85231c238369","title":"Delete certificate for mattermost.twr.cz"},"id":"5f8c889c-02ed-40ee-b9b6-22ddaf2d688f","parent":"","queue":"module/traefik1/tasks","timestamp":"2025-06-26T09:12:55.768747477Z","user":"admin"},"status":"aborted","progress":0,"subTasks":[],"validated":false,"result":{"error":"<3>Timeout after about 30 seconds. Certificate not obtained for ['hur.twr.cz', 'nextcloud.twr.cz', 'nvcti.twr.cz', 'nvproxy.twr.cz', 'nv.twr.cz', 'collabora.twr.cz', 'intra.twr.cz', 'sogo.twr.cz', 'tel.twr.cz', 'nethvoice.twr.cz'].\n<3>\n","exit_code":3,"file":"task/module/traefik1/5f8c889c-02ed-40ee-b9b6-22ddaf2d688f","output":false}}
Certificate was not deleted and I am kind of stuck now.
I checked the cert and there’s a domain mmtest.twr.cz included that’s not known by DNS and maybe is the cause that obtaining a new cert fails.
You could check if configuring DNS for mmtest.twr.cz to the public IP makes obtaining certs work again.
Yes, I can check it, but I would rather like to get rid of mmtest.twr.cz because it was used just in a testing process some time ago. But I dont see it in the NS8 WebGUI.
The listed server names already provide valid certificates, signed by Let’Encrypt-signed. Their verification is successful by my side. They were generated on Jun 23. So the error from your client can depend on something between them and the server. Possible?
Now you want to remove mattermost.twr.cz and it fails. To compare the timeout error with similar failure cases, I’d like to see if it’s used as “main” server name in Traefik’s config. Please share the output of:
journalctl --grep acmeCA
Jun 26 12:28:54 hur-ns8 traefik[2467]: 2025-06-26T10:28:54Z INF Testing certificate renew... acmeCA=https://acme-v02>
Jun 26 12:29:05 hur-ns8 traefik[2467]: 2025-06-26T10:29:05Z INF Renewing certificate from LE : {Main:mmtest.twr.cz S>
Jun 26 12:29:14 hur-ns8 traefik[2467]: 2025-06-26T10:29:14Z ERR Error renewing certificate from LE: {mmtest.twr.cz [>
Jun 26 12:29:14 hur-ns8 traefik[2467]: 2025-06-26T10:29:14Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs>
Jun 26 12:29:55 hur-ns8 traefik[2467]: 2025-06-26T10:29:55Z ERR Error renewing certificate from LE: {hur.twr.cz [sog>
lines 1-5/5 (END)
/usr/local/bin/logcli query -q --no-labels --limit=1000 --since=7d '{module_id="traefik1"} |= "acmeCA" | json | line_format "{{.MESSAGE}}"'
2025-06-26T12:29:55+02:00 2025-06-26T10:29:55Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-26T12:29:14+02:00 2025-06-26T10:29:14Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-26T12:29:14+02:00 2025-06-26T10:29:14Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-26T12:29:05+02:00 2025-06-26T10:29:05Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-26T12:28:54+02:00 2025-06-26T10:28:54Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-25T21:44:51+02:00 2025-06-25T19:44:51Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-25T21:44:44+02:00 2025-06-25T19:44:44Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-25T21:44:44+02:00 2025-06-25T19:44:44Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-25T21:44:37+02:00 2025-06-25T19:44:37Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-25T21:44:34+02:00 2025-06-25T19:44:34Z INF Renewing certificate from LE : {Main:collabora.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-25T21:44:34+02:00 2025-06-25T19:44:34Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-24T21:44:53+02:00 2025-06-24T19:44:53Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-24T21:44:43+02:00 2025-06-24T19:44:43Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-24T21:44:43+02:00 2025-06-24T19:44:43Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-24T21:44:34+02:00 2025-06-24T19:44:34Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-24T21:44:34+02:00 2025-06-24T19:44:34Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-23T21:45:00+02:00 2025-06-23T19:45:00Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[nvcti.twr.cz nvproxy.twr.cz sogo.twr.cz nethvoice.twr.cz intra.twr.cz nextcloud.twr.cz mattermost.twr.cz nv.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-23T21:44:53+02:00 2025-06-23T19:44:53Z INF Renewing certificate from LE : {Main:intra.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-23T21:44:53+02:00 2025-06-23T19:44:53Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-23T21:44:42+02:00 2025-06-23T19:44:42Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-23T21:44:42+02:00 2025-06-23T19:44:42Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-23T21:44:34+02:00 2025-06-23T19:44:34Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-23T21:44:34+02:00 2025-06-23T19:44:34Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-22T21:44:48+02:00 2025-06-22T19:44:48Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-22T21:44:39+02:00 2025-06-22T19:44:39Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-22T21:44:39+02:00 2025-06-22T19:44:39Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-22T21:44:34+02:00 2025-06-22T19:44:34Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-22T21:44:34+02:00 2025-06-22T19:44:34Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T21:44:34+02:00 2025-06-21T19:44:34Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T21:44:00+02:00 2025-06-21T19:44:00Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T21:44:00+02:00 2025-06-21T19:44:00Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T21:43:55+02:00 2025-06-21T19:43:55Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T17:47:26+02:00 2025-06-21T15:47:26Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T17:47:17+02:00 2025-06-21T15:47:17Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T17:47:17+02:00 2025-06-21T15:47:17Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T17:47:10+02:00 2025-06-21T15:47:10Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-21T17:47:10+02:00 2025-06-21T15:47:10Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-20T17:47:38+02:00 2025-06-20T15:47:38Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[nextcloud.twr.cz nv.twr.cz collabora.twr.cz nethvoice.twr.cz sogo.twr.cz nvcti.twr.cz nvproxy.twr.cz mattermost.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-20T17:47:26+02:00 2025-06-20T15:47:26Z INF Renewing certificate from LE : {Main:nvcti.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-20T17:47:26+02:00 2025-06-20T15:47:26Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-20T17:47:19+02:00 2025-06-20T15:47:19Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-20T17:47:19+02:00 2025-06-20T15:47:19Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-20T17:47:10+02:00 2025-06-20T15:47:10Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-20T17:47:10+02:00 2025-06-20T15:47:10Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-19T17:47:27+02:00 2025-06-19T15:47:27Z ERR Error renewing certificate from LE: {hur.twr.cz [sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-19T17:47:16+02:00 2025-06-19T15:47:16Z INF Renewing certificate from LE : {Main:hur.twr.cz SANs:[sogo.twr.cz mattermost.twr.cz mmtest.twr.cz nextcloud.twr.cz collabora.twr.cz]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-19T17:47:16+02:00 2025-06-19T15:47:16Z ERR Error renewing certificate from LE: {mmtest.twr.cz []} error="error: one or more domains had a problem:\n[mmtest.twr.cz] invalid authorization: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for mmtest.twr.cz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for mmtest.twr.cz - check that a DNS record exists for this domain\n" acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-19T17:47:10+02:00 2025-06-19T15:47:10Z INF Renewing certificate from LE : {Main:mmtest.twr.cz SANs:[]} acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
2025-06-19T17:47:10+02:00 2025-06-19T15:47:10Z INF Testing certificate renew... acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=acmeServer.acme
So as was already said it seems the mmtest.twr.cz FQDN is causing the problem. How can I remove it manually? It is no more used by any app (was some months ago while testing another mattermost instance, which I removed later)
Run this procedure. It will selectively remove certificates for mmtest.twr.cz from Traefik’s acme.json file. Finally Traefik must be fully restarted to pick up the change.
Procedure run without errors.
By inspecting acme/acme.json there is no more reference to mmtest.twr.cz in it.
Subsequently I have tried to remove another no more used certificate, which was (opposite to mmtest) listed in GUI: nv.twr.cz.
By this attempt, error occured again:
{"context":{"action":"delete-certificate","data":{"fqdn":"nv.twr.cz","type":"internal"},"extra":{"description":"Processing","eventId":"d58d601d-85fd-4e67-b2a3-7a1248d50e05","title":"Delete certificate for nv.twr.cz"},"id":"051f9437-cf58-4fb7-8ab6-9a5d7e259796","parent":"","queue":"module/traefik1/tasks","timestamp":"2025-06-26T14:29:26.961969105Z","user":"admin"},"status":"aborted","progress":0,"subTasks":[],"validated":false,"result":{"error":"<3>Timeout after about 30 seconds. Certificate not obtained for ['hur.twr.cz', 'nextcloud.twr.cz', 'nvcti.twr.cz', 'nvproxy.twr.cz', 'collabora.twr.cz', 'mattermost.twr.cz', 'intra.twr.cz', 'sogo.twr.cz', 'tel.twr.cz', 'nethvoice.twr.cz'].\n<3>\n","exit_code":3,"file":"task/module/traefik1/051f9437-cf58-4fb7-8ab6-9a5d7e259796","output":false}}