Letsencrypt + collectinfo.pl

Submitted by hregis on Thu, 07/06/2017 - 13:25 Pro Licensee

Hello,

I wanted to create an SSL certificate let's encrypt for a hosting and after several attempts in error I did otherwise ... by cons, since I receive a mail every 5 minutes telling me that there is an error on the Certificate request! By searching I have disabled in "Webmin Scheduled Functions" the cron of "collectinfo.pl" and I no longer receive mail! Where does "collectinfo.pl" look for the certificate request let's encrypt?

Thanks for your help !

Régis

Status: 
Closed (fixed)

Comments

Submitted by JamieCameron on Thu, 07/06/2017 - 20:24

You can control automatic renewal in Virtualmin by selecting the virtual server from the left menu, and going to Server Configuration -> Manage SSL Certificate.

Submitted by hregis on Fri, 07/07/2017 - 00:40 Pro Licensee

Hi Jamie,

I wanted to request a certificate let's encrypt for a new virtual server, every time I had a 403 error:

Type:   unauthorized
   Detail: Invalid response from
   http://www.*****.com/.well-known/acme-challenge/jsHgcV-p4wJ1JIy-5JiPCbNr2gjDQd4RciEdKkujjTs:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>403 Forbidden</title>
   </head><body>
   <h1>Forbidden</h1>

So I did it differently and I added these SSL certificates in the SSL configuration of the virtual server. But since I receive an email every 5 minutes telling me that the application is still in error 403 ... it continues to try the certificate request. In addition, after a while, let's encrypt banned me for an hour because I ask too much!

Thanks for your help

Régis

Submitted by hregis on Fri, 07/07/2017 - 01:16 Pro Licensee

Ok I solved my problem by deleting these two lines in the configuration file of the virtual server (/etc/webmin/virtual-server/domains/13711xxxxx), and since it no longer tests the certificate request every 5 minutes:

letsencrypt_renew=2

letsencrypt_last=

Can be that virtualmin does not erase these lines in the event of an error and that therefore it tests every 5 minutes via "collectinfo.pl"?

Régis

Submitted by JamieCameron on Fri, 07/07/2017 - 19:37

Removing the letsencrypt_renew line basically turns off automatic renewal.

The next release (6.00) will improve the handling of re-tries by never attempting a renewal more often than once per hour, no matter what.

Submitted by hregis on Mon, 02/18/2019 - 08:29 Pro Licensee

Status: Active » Closed (fixed)