Change Letsencrypt auto-renewal frequency (> 5 mins)

4 posts / 0 new
Last post
#1 Thu, 05/11/2017 - 19:51
Tortoise

Change Letsencrypt auto-renewal frequency (> 5 mins)

For some domains the auto-renewal fails but Virtualmin keeps trying to auto-renew every 5 minutes. Letsencrypt will send emails that renewal is rejected because of rate limiting, which makes sense. Even if it fails, it does not need to try every 5 minutes for a certificate that lasts for at least three months, once every few hours would be more than enough.

Currently I can not easily test if the problem regarding the renewal has been fixed as I can not renew myself because virtualmin already tried to many times.

Is there an option to change the frequency for auto-renew to just a few times a day (if I want more often I can still manually trigger it)?

Thu, 05/11/2017 - 20:14
ladhani

Yes, I exactly know what you mean! I had this struggle and ended up completely deleting two domains with never ending e-mails. I had made a mistake to not remove default www.subdomain in the application list for letsencrypt. So it kept on failing on www.subdomain as I only had subdomain in DNS and in Virtualmin....

Changes by a new request for only subdomain without www.subdomain did not stop the mails every 3-5 minutes. They kept on coming. Also manually changing the renew period to never did not stop the e-mails.

Here is my topic: https://www.virtualmin.com/node/51912

Unfortunately, never got any responses from the VirtualMin team......

Once you start getting these e-mails, it is almost impossible to stop them in a simple manner. Manually changing the renew period no NEVER had NO effect.

I hope that the Virtual Team can take this issue a bit more serious as you also have this e-mail hijacking issue by Virtual Min!

Fri, 05/12/2017 - 04:46
Joe
Joe's picture

This is bug-like behavior...so, a ticket in the tracker is the right way to go (Jamie does not monitor the forums; we try to protect his time as much as possible, but for bugs in Virtualmin core, he's the right person to solve it). For some reason I was thinking it was fixed in the version already in the repositories, but if you're still seeing it today, and you're running the current version, I guess not.

--

Check out the forum guidelines!

Sat, 05/13/2017 - 20:37
ladhani

Thanks Joe for some clarification. As I have removed the problematic domains, I don't know if this bug is gone or it is still there in the latest version. If I encounter it again, I will also file a bug report.

But I think, there is more here, there is also a feature request here:

Namely to have more control via the VirtualMin panel over the way exception e-mailing is handled in cases where letsencrypt requests fail repeatedly. To be able to get out of a kind of letsencrypt out of limit and subsequently VirtualMin e-mail hijacking situations.

For example, to be able to reset via a click on a button all letsencrypt stuff for a domain and simply be able to do a real clean start with letsencrypt.

What I ended up doing now is delete a complete virtual server only to "reset" letsencrypt. A simple reset without having to delete the whole virtual server domain would really be a great feature in VirtualMin.

Thanks!

Topic locked