Renew LE ssl?

Question

1.43K views14 - 02 - 2019General Support

0

ozgurerdogan 52 31 - 01 - 2019 0 Comments

I just install brand new latest version of solidcp 1.4.2. I am migrating from MSPcontrol. I installed LE ssl. But can not figure out how to auto renew LE ssl. I see that there is task in windows with C:\SolidCP\Server\bin\LetsEncrypt\letsencrypt.exe which I tried manually running it but it does not also seem to renew ssl.

When I click renew ssl in SolicCP, it redirects me to create new CRS only.

Trevor Robinson Answered question 14 - 02 - 2019

9 Answers

Marco Tiggelaar · Answer 1 · 2019-01-31T10:05:13+02:00

Hello,

Can you clarify on how you mean installed LE SSL?

As by default SolidCP does not need any installation steps, the only thing SolidCP needs is SNI enabled in IIS Service settings (solidcp portal), and hosting plan to allow SSL

It then uses the LE Winsimple client (now known as Win ACME) to request/verify/renew LE certs via cmd commands.

Do note all url’s in the sites bindings have to be resolveable (if one or more are not it will not create an LE cert).

For auto renew it’s handled by the windows task of the LE Win Simple client.

Regards,

Marco

ozgurerdogan · Answer 2 · 2019-01-31T10:16:55+02:00

Ok I did install LE in SCP gui no extra install is done. I only had to run SSLFix.zip in forum to enable SNI in IIS service settings.

So for autorenew I do not need to do anything? To test if autorenew will run, I manually ran task in windows but it did not renew the date. Probably not a correct way to test auto renew? Is there a way to test renew? When does it renew ssl, last day of expiration?

Marco Tiggelaar · Answer 3 · 2019-01-31T10:31:19+02:00

You will normally not need to do anything.

It auto renews based up on the windows Task but only for the ones about to expire.

Only way to really test is to simply let it expire and see if it auto renews.

ozgurerdogan · Answer 4 · 2019-01-31T10:37:00+02:00

0

ozgurerdogan 52 Posted 31 - 01 - 2019 0 Comments

Thank you for your time. Is is possible to get notified for renewal/failed one by mail or something?

ozgurerdogan Answered question 31 - 01 - 2019

Trevor Robinson · Answer 5 · 2019-02-06T16:34:32+02:00

Hello,

At the current moment it is not possible to get alerts from SolidCP or Le-Win-Simple (The client we use to handle Lets Encrypt requests) however Lets Encrypt should send out a automated email as per their policy.

Kind Regards,

Trevor Robinson

fortyhost · Answer 6 · 2019-02-13T13:35:25+02:00

Hi,

we have some domains that have expired and not auto renewed.

Nothing has showed up in the logs, also when re try to renew from SCP it then tries to generate a CSR is that correct?

Thanks

fortyhost · Answer 7 · 2019-02-13T13:46:14+02:00

Update, I think my issues was because of an invalid pointer. When I removed the pointers on it I could add again the SSL. I have to investigate why only working with one pointer.

Thanks

ozgurerdogan · Answer 8 · 2019-02-13T13:50:40+02:00

0

ozgurerdogan 52 Posted 13 - 02 - 2019 0 Comments

But I think main issue here is ssls not auto renewed right?

ozgurerdogan Answered question 13 - 02 - 2019

Trevor Robinson · Answer 9 · 2019-02-14T01:02:12+02:00

Hello,

They should be renewed as per the Le-Win-Simple Client and scheduled task it sets up on the server. As this does not then feed any information back to SolidCP it would be hard for us to track its progress.

The account holder should still get an email from Lets Encrypt if there is an issue.

Kind Regards,

Trevor

Renew LE ssl?

9 Answers

Search questions

Question stats

Other Questions