No automatic renewal with nginx possible?

stevenzhu · 2018-08-31 15:22:40 UTC

Hi,

This might be an insufficient configuration…
Since my site (with nginx) would autorenew if i configture correctly.

Thank you

Osiris · 2018-08-31 15:23:05 UTC

Neither.

Nginx is just the “user” of the certificate. An ACME client is responsible for the renewal and reloading of nginx. This is probably done by your control panel. If you’re having issues, contact your hosting provider.

stevenzhu · 2018-08-31 15:23:46 UTC

ISPConfig seems to have auto-renew feature… The hosting provider might just not configturing correctly…

JuergenAuer · 2018-08-31 15:24:08 UTC

Hi @nefu

what’s the problem? You have a Letsencrypt-certificate, created today. Looks fine

nefu · 2018-08-31 15:24:24 UTC

I did contact my hosting provider. They tell me, they are not responsible for this feature.

nefu · 2018-08-31 15:25:32 UTC

I did this “by hand” . sorry for my poor Englisch. I don’t won’t to do this for all of my customers though.

stevenzhu · 2018-08-31 15:25:43 UTC

Do you happen to have a error message from ISPConfig? (or it just a simple failure with no error?)

nefu · 2018-08-31 15:26:29 UTC

No errors , nothing I can see. Just all websites are not protected anymore.

Osiris · 2018-08-31 15:27:34 UTC

Ah, that would have been crucial information for us.

Well, than your renewal would be “by hand” too I’m afraid. Because a renewal is just a newly signed certificate, but than for the same hostnames as the previous certificate. So the only way to get that new certificate, is to do everything over again.

Unless your ISPconfig panel has a Let’s Encrypt plugin of course, but something tells me you would have used that earlier, if you had the chance

nefu · 2018-08-31 15:28:06 UTC

Yes. I used this feature with ISPconfig , but it does not work.

nefu · 2018-08-31 15:30:14 UTC

by hand … means that I used the “auto-renewal-botton” once more and saved this action under ISPconfig.

Osiris · 2018-08-31 15:30:24 UTC

Which feature exactly? Please give us more details. Did you do stuff 100 % by hand? As in, use a webbased client such as sslforfree.com and manually uploaded the cert from your computer to ISPconfig? Or did you “by hand” click a single button in ISPconfig to get and install the certificate with one press of that button?

nefu · 2018-08-31 15:33:06 UTC

nefu · 2018-08-31 15:36:45 UTC

Can anyone tell me, what I have to tell my hosting provider to fix this AMCE client configuration? This is the only way to make them give up their position “none of my business”

Thank you!

JuergenAuer · 2018-08-31 15:37:10 UTC

Looks like your hoster has a “great limitation”:

Using Letsencrypt without automation.

This is bad, really bad.

PS: This is not a problem / limitation of nginx. It’s a limitation of your hoster.

DavidBoon · 2018-09-03 12:16:01 UTC

I faced the similar situation as hosting provider did not configure correctly. You are right, auto-renew features is available.

nefu · 2018-09-03 13:19:11 UTC

Thanks guys. I very much appreciated your opinions, but my provider simply sticks to his opinion that Lets Encrypt still is in a kind of beta-status and therefore not working as reliable as it should.

I don´t get any further on this as myself I don’t have the kind of knowledge to successfully argue with this provider-tech-guys. I now have to accept theirs “thats your problem”.

Have a nice day!

danb35 · 2018-09-03 13:22:59 UTC

I guess the hundreds of millions of successfully-issued certificates are just a fluke. Sounds like it’s time for a less user-hostile hosting provider.

Osiris · 2018-09-03 17:08:57 UTC

Agreed.

You can find another hoster which does have proper support for Let’s Encrypt in the “Web Hosting who support Let’s Encrypt”-thread.

system · 2018-10-03 17:08:58 UTC

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.