- For a Let’s Encrypt certificate, the SolidCP “Renew Certificate” button doesn’t behave as expected. It pops up a “Generate CSR” screen instead of renewing the certificate. (I’ve found the “New Certificate” function works well in this case, but “Renew” would be more intuitive.)
- The Certificate Info in SolidCP would be more useful if it showed the SSL provider (for example, Let’s Encrypt)
- (The following might not be a SolidCP issue, but seems relevant.) Many of our Let’s Encrypt certificates have not auto-renewed as expected. This is the reason I’m noticing the “Renew” behavior. I’m not certain if these certificates were installed within SolidCP or some other way, but at minimum they had been imported into SolidCP.
I checked the letsencrypt-win-simple scheduled task, and it was pointing to an old installation instead of the SolidCP one. I deleted the old task and I see that a new one appeared after I used SolidCP to install a new certificate on one of the sites.
Edit: I confirmed the updated scheduled task was able to renew at least one certificate that previously was failing to auto-renew. But SolidCP still displays the old expiration date for that certificate.
First 2 issues i will check out and see what i can do (code lock is tomorrow so i don’t think i can fix this before next release but atleast it can be fixed in the future).
Third: It should auto renew using the Letsencrypt win simple task in windows task management (outside of solidcp).
Only reason i am aware of when it doesn’t work proper is when one of the bindings doesn’t resolve anymore. (might be worth to check for sites that failed).
You can also manually check using the Letsencrypt win simple client included in the SolidCP Server\bin\LetsEncrypt
I think the first two issues are still the same in SolidCP 1.4.2 (and they are low priority).
And as for the third, I think I found the reason I’ve had so many failing LetsEncrypt auto-renewals.
Apparently the certificate information from SolidCP installs will be stored in
while the ones I install from command line are stored in
So, to get all certificates auto-renewing properly, apparently I need TWO letsecnrypt-win-simple scheduled tasks, one that runs under the system account and another that runs as my Administrator user.
(The SolidCP server user doesn’t seem to have a Users folder, just goes under All Users?)
Your issue is due to the fact when we run letsencrypt.exe we use the command parameter –usedefaulttaskuser which causes it to use the default app data location.
If you have ran it manually then it would not use this and use the users appdata. To get this fixed then you should be able to remove the LE certificate and either run it using the above or from SolidCP.
Thanks Trevor, that’s interesting, especially since my second scheduled task has not been successful in getting everything to renew automatically.
I have tried adding –usedefaulttaskuser when running the LetsEncrypt command, but it still stored the data in Administrator user folder. On the other hand, I think the following might be working to run the command as system and store the data under All Users:
psexec -i -s “C:\SolidCP\Server asp.net v4.5\bin\letsencrypt\letsencrypt.exe”
I don’t always have success using SolidCP to install the certificate. It fails if the site has Web Site Pointers that are actually resolving elsewhere, and sometimes it fails for other reasons. In these cases, it is unfortunate that SolidCP often reports “LetsEncrypt Certificate successfully installed on website” even though it failed. Anyway, sometimes I find it necessary to go into command line to successfully install the certificate.
I am glad you was able to resolve the issue. SolidCP does not handle the install of the certificate and runs the command checking for errors during the process.
When you make the certificate manually do you have to make any changes to get it to work?
I think the most recent one worked in command line without any changes. That one had apparently timed out in SolidCP (and displayed the Error.htm message after a LONG delay).
Meanwhile, for another site that had bogus Web Site Pointers, I’m pretty sure SolidCP showed “successfully installed” but no certificate was actually installed until I ran LetsEncrypt manually and specified only the active hostnames.
- Views654 times
- Answers7 answers