vicidial.org

VICIDIAL astGUIclient discussion forum
http://forum.eflo.net/VICIDIALforum/

acme-renew.ssh in Vicibox 11 doesn't renew.

http://forum.eflo.net/VICIDIALforum/viewtopic.php?f=4&t=42132

Page 1 of 1

acme-renew.ssh in Vicibox 11 doesn't renew.

PostPosted: Mon Sep 30, 2024 12:46 pm
by newbie
Hi,

Just got a weird issue with acme-renew.sh, it doesn't renew or should this renew on the date of expiry?:

Code: Select all
/usr/share/vicibox-ssl/acme-renew.sh
===== ViciBox Acme SSL Renewal Wrapper =====
- Starting at Mon Sep 30 13:41:49 EDT 2024
- Disabling Firewall
- Running acme.sh...
- Enabling Firewall
- Restart apache if running
- Finished at Mon Sep 30 13:41:53 EDT 2024


Code: Select all
openssl x509 -dates -noout -in /root/.acme.sh//sub.example.com/sub.example.com.cer
notBefore=Jul  7 03:00:13 2024 GMT
notAfter=Oct  5 03:00:12 2024 GMT

Re: acme-renew.ssh in Vicibox 11 doesn't renew.

PostPosted: Wed Oct 02, 2024 5:49 pm
by williamconley
letsencrypt /certbot allows renewal at 29 days before expiration. Essentially you can renew every 61 days, but it's valid for 90 days. That is to allow you 29 days to work out any failures before expiration.

Over the years, we've had to set up a separate certbot server to renew client SSL certs on machine that are no longer supported. This allows the Old OS to continue, while renewal is handled on a central server which we keep updated. If this is a Vicibox 11.0.1 install, that should obviously not be necessary.

Check "/var/log/acme-renew.log"

Consider changing VERBOSE=false to TRUE with "-v"
All times are UTC - 5 hours
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/