Lets Encrypt - Domain ausgelaufen - Status OK

  • Guten Morgen zusammen,

    mir ist gerade aufgefallen dass seit dem 04. März eine Webseite die über das Plugin "LetsEnrcypt" (Version 1.1.1) verschlüsselt wird, auf einmal nicht mehr als sicher anerkannt wird. Grund dafür ist ein ausgelaufenes Zertifikat. (Ausgelaufen am 04.03)

    Sollte das Plugin die Zertifikate nicht selbstständig aktualisieren? Im i-MSCP-Backend wird dieses Zertifikat als "OK" angezeigt.


    Gruß Pinky

    Nachtrag: LetsEncrypt geupdated auf 3.0.0 - keine Verbesserung bislang.

  • Hallo @pinky!

    Kannst Du uns bitte etwaiige LOG-Files hier einbinden? /var/log/...

    Welche I-MSCP Version wird verwendet? Welches OS?

    Bitte alle Infos unserer Reporting rules - Reminder angeben.

    Danke und LG

    Support Infos: I-MSCP Version: 1.5.x / Distro: Debian Stretch / PHP: 7.1.27 - FPM / I-MSCP Plugins: Let´s Encrypt + PHPSwitcher (latest Versions)

  • Hallo,

    i-MSCP 1.3.14
    LetsEncrypt 3.0.0
    Debian 7


    (Die Subdomain my.domain.name habe ich per A-Record auf einen anderen Server gesetzt (schon vor einer Weile). Daher habe ich diese Subdomain heute in i-mscp gelöscht.
    DNS erfolgt über nicht über i-mscp.


  • @pinky

    The cerbot logs you've posted let's learns us that you have executed certbot manually. Therefore, you should know what you're doing ;). Bear in mind that we won't provide support for those that are executing Certbot client manually, out of the plugin context.

    For the expired certificate, disable and re-enable Let's Encrypt through the frontEnd. There was a bug in older LetsEncrypt plugin version which has been fixed.


  • Hey @Nuxwin

    thanks for reply. I haven't executed the certbot at any time. I just installed the Plugin - worked fine till now, so there was no need to play arround with it at all. So I was wondering why the certificate expired.

    I just deactivated and activated the LetsEncrypt plugin. The Certificate is still expired.
    Afterwards I revoked the certificate and created a new one - still expired.


    Best regards


  • @pinky

    Can you give us access to the server?


  • @pinky

    Both ;)


  • I don't even know why I asked ;)
    Just deinstalled and deleted the Plugin, afterwards reinstalled it and created new certs - still the same.

    PM is on its way.

  • @pinky

    The Let's Encrypt SSL certificates were correctly issued. Expire date is 10 july 2017. However, there was a major bug in your i-MSCP version 1.3.14 causing memory leak and Apache2 syntax error. This bug has been fixed in i-MSCP version 1.3.15.

    The following has been done to fix the problem:

    • Your system has been updated: apt-get update && apt-get dist-upgrade (you need to reboot your server due to new kernel version)
    • Your i-MSCP version has been updated to version 1.3.16 (you're still using Debian Wheezy and upgrading your distribution is out of the free support we are providing for our plugins).

    Result: SSL is now working for your customer sites.

    Please for the future, keep your i-MSCP version up-to-date. The next time, we won't provide you free support if your i-MSCP version is not up-to-date (for the Serie supported by your distribution).

    Thank you.