Version 1.3.0 Let's...
 
Notifications
Clear all

Version 1.3.0 Let's encrypt

22 Posts
6 Users
0 Reactions
4,486 Views
Posts: 38
Topic starter
(@harpwro)
Trusted Member
Joined: 8 years ago

Hello

I just did that, but no luck.. it didn' work, maybe I will just forget about it and manually bind the certificates, this works, I tested.

After manually binding, solidcp could import the ssl settings as it found an ssl on the website, so I believe it will process the automated renewals... am I right?
Where can I check if this schedule is configured ok?

AG

Reply
Posts: 1995
Admin
(@m-tiggelaar)
Noble Member
Joined: 9 years ago

Hey,

Sorry for the delay in my answer i did quite a bit of research on it.

Are your port 80 bindings with * or with a specific ip?

If it's with specific ip i might have the fix for you (just need to do a bit more testing).

If it's with * 80 binding it technically should work, it would then be intresting to see what happens if you run the LE client manually from the serverbinLetsEncrypt directory.

The scheduler is created by the LE client, in Windows Tasks

Regards,

Marco

Reply
Posts: 1
(@maquinadigital)
New Member
Joined: 7 years ago

Hi,
I had the same problem and binding the http to *, instead of an explicit IP, did (part of ) the trick.

Now solidcp doesn't hang anymore, when asking to install the certificate.

Unfortunately, it doesn't create the HTTPS bindings (neither explicit nor *).

Creating the https binding manually shows the certificate already generated by Let's Encrypt (I had several already generated, so I guess the times it hanged, it managed to get the certificate anyway).
Selecting one and creating the https binding does the trick.

So, problem 1 is the * binding instead of an explicit IP. I have all binding created by solid CP with explicit IP address (not sure why or how to automagically fix this). Problem 2 is the creation of the https binding by solid cp with the lets encrypt certificate that didn't worked.

If I can help providing any logs, please feel free to ask them.

Thank you all for this control panel and for sharing.

Regards
Daniel

Reply
Posts: 1995
Admin
(@m-tiggelaar)
Noble Member
Joined: 9 years ago

Thank you for sharing this info.

from explicit ip to * (for new websites) is in the Web service settings at the top: 

Do note this applies for new sites only.

For existing sites changing the bindings would be in the applicationhost.config file manually.

However if your not 100% confy i wouldn't recommend doing a mass find+ replace in there. instead we are working on a fix (which is still in testing currently) to allow explicit ip's without messing up existing certificates etc.

Which should address this part of the issue for everyone.

The https binding it self should be created by the LetsEncrypt win Simple client automatically tho (once it has * 80 with hostname).

Can you provide any logs or information as to why that one refused to function? you could optionally manually run the Lets Encrypt win Simple client from the SolidCP ServerbinLetsEncrypt

Example command: letsencrypt.exe --plugin iissite --siteid 1 --emailaddress myaddress@example.com --accepttos --closeonfinish

SiteID goes by actual SiteID not by name.

If you run the example command it shouldn't pop up any questions or issues, if it does it would be good to report it here (as it's most likely where SolidCP gets stuck).

Regards,

Marco

Reply
Posts: 38
Topic starter
(@harpwro)
Trusted Member
Joined: 8 years ago

Hello

Thanks for this tip.... works perfectly now, never thought of trying that

AG

Reply
Page 4 / 5
Share: