fleetssl / letsencrypt-cpanel-dnsonly

Free automatic SSL for cPanel DNS-only servers where FleetSSL cPanel and AutoSSL don't work.

Home Page: https://dnsonly.letsencrypt-for-cpanel.com

License: MIT License

Makefile 1.59% Shell 1.29% HTML 56.30% Go 40.81%
cpanel letsencrypt ssl

letsencrypt-cpanel-dnsonly's Issues

cPanel Services certs

My DNS only servers are set up as secondary MX servers as well, which I'm assuming is the reason why exim and dovecot are running (not 100% sure why dovecot). Anyway, it seems as if your tool works great for standard WHM access, but how about making it work with all cPanel services running on the DNS only server?

Not working after installation, pre-requisites met, installation done properly

Not working after installation. Running latest DNS Only; server has FQDN (can go to https://my.hostname.tld:2087 to log into the DNS Only server).

When the daily cron runs, the cron output is sent via email, and contains:

20171117222715 [ERROR] acme.storageops: could not obtain authorization for my.hostname.tld: failed all combinations
20171117222715 [ERROR] acme.storageops: Target(my.hostname.tld;https://acme-v01.api.letsencrypt.org/directory;0): failed to request certificate: failed all combinations
20171117222715 [ERROR] acme.storageops: error while processing targets: the following errors occurred:
error satisfying Target(my.hostname.tld;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20171117222715 [ERROR] acme.storageops: failed to reconcile: the following errors occurred:
error satisfying Target(my.hostname.tld;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20171117222715 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(my.hostname.tld;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations

The actual FQDN hostname has been redacted to my.hostname.tld

Set e-mail address for receiving certificate expiry notifications from Let's Encrypt

Hello,

Currently, on some cPanel DNSONLY servers I manage, I manually install and renew Let's Encrypt certificates by using certbot.

When I install a certificate for the first time, at the certbot command I insert the e-mail address Let's Encrypt will use in order to send me notifications about the certificate expiry. That is very convenient, in order not to forget renewing a certificate.

I am not able to find such an option either in your module or in acmetool.

Is anyone aware of such an option?

After install not working on DNSonly 11.72 "failed all combinations" (debug logs)

Using DNSonly 11.72 (last stable), then installed as:
https://dnsonly.letsencrypt-for-cpanel.com/

But after the whole process, acmetool failed. I don't know if the script is updated or not; I think there are some differences between what acmetool is trying to do and what is installed on version 11.72.

Debug output:

root@xx [/usr/local/letsencrypt-cpanel-dnsonly]# /usr/local/letsencrypt-cpanel-dnsonly/acmetool --xlog.severity=debug reconcile
20180824112114 [DEBUG] acme.storageops: Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): best certificate satisfying is , err=Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): no certificate satisfies this target
20180824112114 [DEBUG] acme.storageops: Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): requesting certificate
20180824112114 [DEBUG] acme.api: request: https://acme-v01.api.letsencrypt.org/directory
20180824112115 [DEBUG] acme.api: response: &{200 OK 200 HTTP/1.1 1 1 map[Expires:[Fri, 24 Aug 2018 14:21:15 GMT] Pragma:[no-cache] Date:[Fri, 24 Aug 2018 14:21:15 GMT] Server:[nginx] Content-Type:[application/json] Content-Length:[658] Replay-Nonce:[OljtVqajiY9Doz4PRPq3csY62T25rpKjZMnlpkVM82M] X-Frame-Options:[DENY] Strict-Transport-Security:[max-age=604800] Cache-Control:[max-age=0, no-cache, no-store] Connection:[keep-alive]] 0xc420040480 658 [] false false map[] 0xc420073d00 0xc420076000}
20180824112115 [DEBUG] acme.api: request: https://acme-v01.api.letsencrypt.org/acme/new-reg
20180824112115 [DEBUG] acme.api: response: &{409 Conflict 409 HTTP/1.1 1 1 map[Pragma:[no-cache] Server:[nginx] Content-Type:[application/problem+json] Content-Length:[107] Location:[https://acme-v01.api.letsencrypt.org/acme/reg/40795543] Expires:[Fri, 24 Aug 2018 14:21:15 GMT] Cache-Control:[max-age=0, no-cache, no-store] Boulder-Requester:[40795543] Replay-Nonce:[mQBa3QvBJvb5R1ubayI6GY7uvuQVpUdg1rC2JLc2Ysw] Date:[Fri, 24 Aug 2018 14:21:15 GMT]] 0xc420040740 107 [] true false map[] 0xc4201bcc00 0xc420076000}
20180824112115 [DEBUG] acme.api: request: https://acme-v01.api.letsencrypt.org/acme/reg/40795543
20180824112116 [DEBUG] acme.api: response: &{202 Accepted 202 HTTP/1.1 1 1 map[Connection:[keep-alive] Server:[nginx] Content-Type:[application/json] Content-Length:[961] Boulder-Requester:[40795543] Cache-Control:[max-age=0, no-cache, no-store] Link:[https://acme-v01.api.letsencrypt.org/acme/new-authz;rel="next" https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf;rel="terms-of-service"] Replay-Nonce:[W6rcrSvNff_WWI94Woe5Kvv0ViIE5SfRTxOxFYVJSfM] Expires:[Fri, 24 Aug 2018 14:21:16 GMT] Pragma:[no-cache] Date:[Fri, 24 Aug 2018 14:21:16 GMT]] 0xc420150700 961 [] false false map[] 0xc4201bd000 0xc4202e6630}
20180824112116 [DEBUG] acme.storageops: trying to obtain authorization for "host.domain.example"
20180824112116 [DEBUG] acme.api: request: https://acme-v01.api.letsencrypt.org/acme/new-authz
20180824112117 [DEBUG] acme.api: response: &{201 Created 201 HTTP/1.1 1 1 map[X-Frame-Options:[DENY] Date:[Fri, 24 Aug 2018 14:21:17 GMT] Content-Length:[996] Location:[https://acme-v01.api.letsencrypt.org/acme/authz/XQeTiKgnrubi8ZzXJvpP6jcKNYOYcNWNihuW5VTOisg] Replay-Nonce:[umlMs_f6I2hUrFrDQyP05aXRmdqCIekrMaqp05M35GE] Boulder-Requester:[40795543] Expires:[Fri, 24 Aug 2018 14:21:17 GMT] Connection:[keep-alive] Server:[nginx] Content-Type:[application/json] Pragma:[no-cache] Link:[https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next"] Strict-Transport-Security:[max-age=604800] Cache-Control:[max-age=0, no-cache, no-store]] 0xc420150a80 996 [] false false map[] 0xc4201bdd00 0xc4202e6630}
20180824112117 [DEBUG] acme.solver: attempting challenge type http-01
20180824112117 [DEBUG] acme.responder: failed to listen on [::]:80: listen tcp [::]:80: bind: address already in use
20180824112117 [DEBUG] acme.responder: failed to listen on :80: listen tcp :80: bind: address already in use
20180824112117 [DEBUG] acme.responder: listening on [::1]:402
20180824112117 [DEBUG] acme.responder: listening on 127.0.0.1:402
20180824112117 [DEBUG] acme.responder: listening on [::1]:4402
20180824112117 [DEBUG] acme.responder: listening on 127.0.0.1:4402
20180824112117 [DEBUG] acme.responder: writing 1 webroot challenge files
20180824112117 [DEBUG] acme.responder: writing webroot file /var/run/acme/acme-challenge/v_69p3mIkL2T9kjeb1VNop_yycAc0glIo8lxk_KLsUE
20180824112117 [DEBUG] acme.hooks: calling hook script: /usr/libexec/acme/hooks/certificate-hook.sh
20180824112117 [DEBUG] acme.hooks: calling hook script: /usr/libexec/acme/hooks/reload
20180824112117 [DEBUG] acme.responder: http-01 self test
20180824112122 [INFO] acme.responder: http-01 self test failed: Get http://host.domain.example/.well-known/acme-challenge/v_69p3mIkL2T9kjeb1VNop_yycAc0glIo8lxk_KLsUE: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
20180824112122 [DEBUG] acme.responder: removing webroot file /var/run/acme/acme-challenge/v_69p3mIkL2T9kjeb1VNop_yycAc0glIo8lxk_KLsUE
20180824112122 [DEBUG] acme.hooks: calling hook script: /usr/libexec/acme/hooks/certificate-hook.sh
20180824112122 [DEBUG] acme.hooks: calling hook script: /usr/libexec/acme/hooks/reload
20180824112122 [DEBUG] acme.solver: challenge start failed: Get http://host.domain.example/.well-known/acme-challenge/v_69p3mIkL2T9kjeb1VNop_yycAc0glIo8lxk_KLsUE: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
20180824112122 [DEBUG] acme.solver: attempting challenge type dns-01
20180824112122 [DEBUG] acme.hooks: calling hook script: /usr/libexec/acme/hooks/certificate-hook.sh
20180824112122 [DEBUG] acme.hooks: calling hook script: /usr/libexec/acme/hooks/reload
20180824112122 [DEBUG] acme.solver: challenge start failed: could not install DNS challenge, no hooks succeeded
20180824112122 [ERROR] acme.storageops: could not obtain authorization for host.domain.example: failed all combinations
20180824112122 [ERROR] acme.storageops: Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): failed to request certificate: failed all combinations
20180824112122 [DEBUG] acme.storageops: done processing targets, reconciliation complete, 1 errors occurred
20180824112122 [ERROR] acme.storageops: error while processing targets: the following errors occurred:
error satisfying Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20180824112122 [ERROR] acme.storageops: failed to reconcile: the following errors occurred:
error satisfying Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20180824112122 [DEBUG] acme.storageops: disjoint hostname mapping: host.domain.example -> Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0)
20180824112122 [DEBUG] acme.storageops: could not find certificate satisfying Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): no certificate satisfies this target
20180824112122 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations

Any help will be much appreciated.
Thanks!
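
The debug log in the post above shows acmetool trying http-01 and then dns-01 before reporting "failed all combinations". As an added example (not part of the original issue, and not FleetSSL or acmetool code), this Python script groups such a log by challenge attempt and names the failure seen in each; the sample log is constructed from the line formats on this page, and the rule names and hints are this example's own.

```python
import re

# acmetool xlog line format: "<YYYYMMDDHHMMSS> [LEVEL] component: message"
LINE_RE = re.compile(r"^(\d{14}) \[([A-Z]+)\] ([\w.]+): (.*)$")

# Finding -> (message pattern as seen in the logs on this page,
#             editorial hint on what to check; hints are not tool output)
RULES = {
    "port80_in_use": (
        re.compile(r"failed to listen on \S*:80: .*address already in use"),
        "another service holds port 80, so it must serve or proxy the challenge"),
    "self_test_timeout": (
        re.compile(r"http-01 self test failed: .*Client\.Timeout"),
        "host cannot fetch its own challenge URL: check firewall, DNS, web server"),
    "no_dns_hook": (
        re.compile(r"could not install DNS challenge, no hooks succeeded"),
        "no hook script published the dns-01 TXT record"),
    "hook_failed": (
        re.compile(r"hook script: \S+: exit status [1-9]\d*"),
        "a hook exited non-zero: run it by hand to see its output"),
}

# Constructed sample modelled on the debug log in the post above;
# CONSTRUCTED_TOKEN is a placeholder, not a real challenge token.
SAMPLE_LOG = """\
20180824112116 [DEBUG] acme.storageops: trying to obtain authorization for "host.domain.example"
20180824112117 [DEBUG] acme.solver: attempting challenge type http-01
20180824112117 [DEBUG] acme.responder: failed to listen on :80: listen tcp :80: bind: address already in use
20180824112117 [DEBUG] acme.responder: writing webroot file /var/run/acme/acme-challenge/CONSTRUCTED_TOKEN
20180824112122 [INFO] acme.responder: http-01 self test failed: Get http://host.domain.example/.well-known/acme-challenge/CONSTRUCTED_TOKEN: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
20180824112122 [DEBUG] acme.solver: attempting challenge type dns-01
20180824112122 [DEBUG] acme.solver: challenge start failed: could not install DNS challenge, no hooks succeeded
20180824112122 [ERROR] acme.storageops: could not obtain authorization for host.domain.example: failed all combinations
20180824112122 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(host.domain.example;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
"""

def parse_records(text):
    """Split log text into records; lines without a timestamp continue the previous record."""
    records = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if m:
            records.append(dict(zip(("ts", "level", "component", "msg"), m.groups())))
        elif records and raw.strip():
            records[-1]["msg"] += "\n" + raw.strip()
    return records

def triage(text):
    """Return {hostname: {"attempts": [...], "outcome": str or None}}.
    Each attempt is {"type": challenge type, "findings": [rule names in log order]}."""
    report, host, attempt = {}, None, None
    for rec in parse_records(text):
        msg = rec["msg"]
        m = re.search(r'trying to obtain authorization for "([^"]+)"', msg)
        if m:
            host, attempt = m.group(1), None
            report.setdefault(host, {"attempts": [], "outcome": None})
            continue
        m = re.search(r"attempting challenge type (\S+)", msg)
        if m and host is not None:
            attempt = {"type": m.group(1), "findings": []}
            report[host]["attempts"].append(attempt)
            continue
        m = re.search(r"could not obtain authorization for (\S+): (.*)", msg)
        if m:
            entry = report.setdefault(m.group(1), {"attempts": [], "outcome": None})
            entry["outcome"] = m.group(2)
            attempt = None
            continue
        if attempt is not None:
            for name, (pattern, _hint) in RULES.items():
                if pattern.search(msg) and name not in attempt["findings"]:
                    attempt["findings"].append(name)
    return report

def summarize(report):
    """Render the triage result as indented text lines, one per finding."""
    lines = []
    for host, entry in report.items():
        lines.append(f"{host}: {entry['outcome'] or 'no final error logged'}")
        if not entry["attempts"]:
            lines.append("  no challenge detail: rerun with --xlog.severity=debug")
        for a in entry["attempts"]:
            if not a["findings"]:
                lines.append(f"  {a['type']}: no known failure pattern matched")
            for name in a["findings"]:
                lines.append(f"  {a['type']}: {name} ({RULES[name][1]})")
    return lines

if __name__ == "__main__":
    print("\n".join(summarize(triage(SAMPLE_LOG))))
```

Cron mail that contains only the ERROR lines carries no per-challenge detail, so the summary for such input points back to the `--xlog.severity=debug` run used in the post.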

Installation critical failure on cPanel DNSonly

[root@ns1 ~]# wget https://cpanel.fleetssl.com/static/letsencrypt.repo -O /etc/yum.repos.d/letsencrypt.repo
--2018-07-04 00:29:08-- https://cpanel.fleetssl.com/static/letsencrypt.repo
Resolving cpanel.fleetssl.com (cpanel.fleetssl.com)... 103.209.24.132
Connecting to cpanel.fleetssl.com (cpanel.fleetssl.com)|103.209.24.132|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100 [text/plain]
Saving to: ‘/etc/yum.repos.d/letsencrypt.repo’

100%[======================================>] 100 --.-K/s in 0s

2018-07-04 00:29:10 (11.0 MB/s) - ‘/etc/yum.repos.d/letsencrypt.repo’ saved [100/100]

[root@ns1 ~]# yum -y install letsencrypt-cpanel-dnsonly
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile

 * cpanel-addons-production-feed: 85.13.201.2
 * base: centos.mirrors.ovh.net
 * extras: centos.mirror.fr.planethoster.net
 * updates: centos.mirrors.ovh.net
cpanel-addons-production-feed | 2.9 kB 00:00
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
letsencrypt-cpanel | 2.9 kB 00:00
updates | 3.4 kB 00:00
letsencrypt-cpanel/primary_db | 9.0 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package letsencrypt-cpanel-dnsonly.x86_64 0:0.1.0-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size

Installing:
letsencrypt-cpanel-dnsonly x86_64 0.1.0-1 letsencrypt-cpanel 4.1 M

Transaction Summary

Install 1 Package

Total download size: 4.1 M
Installed size: 13 M
Downloading packages:
letsencrypt-cpanel-dnsonly-0.1.0-1.x86_64.rpm | 4.1 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
ns1.ct-netservice.com has address 54.37.242.61
ns1.ct-netservice.com mail is handled by 0 ns1.ct-netservice.com.
Installing : letsencrypt-cpanel-dnsonly-0.1.0-1.x86_64 1/1
!!! Please wait, configuring acmetool !!!
[=======================================================] 100.00% 8s -] 0.00%

------------------------- Quickstart Complete ----------------------
The quickstart process is complete.

Ensure your chosen challenge conveyance method is configured properly
before attempting to request certificates. You can find more
information about how to configure your system for each method in the
acmetool documentation:
https://github.com/hlandau/acme/blob/master/_doc/WSCONFIG.md

To request a certificate, run:

$ sudo acmetool want example.com www.example.com

If the certificate is successfully obtained, it will be placed in
/var/lib/acme/live/example.com/{cert,chain,fullchain,privkey}.

!!! Please wait, trying to issue certificate now !!!
20180704002938 [ERROR] acme.storageops: could not obtain authorization for ns1.ct-netservice.com: failed all combinations
20180704002938 [ERROR] acme.storageops: Target(ns1.ct-netservice.com;https://acme-v01.api.letsencrypt.org/directory;0): failed to request certificate: failed all combinations
20180704002938 [ERROR] acme.storageops: error while processing targets: the following errors occurred:
error satisfying Target(ns1.ct-netservice.com;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20180704002938 [ERROR] acme.storageops: failed to reconcile: the following errors occurred:
error satisfying Target(ns1.ct-netservice.com;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20180704002938 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(ns1.ct-netservice.com;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
warning: %post(letsencrypt-cpanel-dnsonly-0.1.0-1.x86_64) scriptlet failed, exit status 1
Non-fatal POSTIN scriptlet failure in rpm package letsencrypt-cpanel-dnsonly-0.1.0-1.x86_64
Verifying : letsencrypt-cpanel-dnsonly-0.1.0-1.x86_64 1/1

Installed:
letsencrypt-cpanel-dnsonly.x86_64 0:0.1.0-1

Complete!

Error When trying to Renew SSL Cert

Hey,

I have got an issue with trying to renew the SSL Certificate on two of my cPanel DNSonly Servers. This is the response I am getting via SSH.

[root@ns3 ~]# /usr/local/bin/fleetssl-dnsonly --dry-run
2020/03/07 16:34:33 fleetssl-dnsonly/1.0.3
2020/03/07 16:34:33 Will issue certificate because: no existing certificate exists
2020/03/07 16:34:34 Creating/fetching ACME account ...
2020/03/07 16:34:34 ACME Account URL: https://acme-staging-v02.api.letsencrypt.org/acme/acct/12680161
2020/03/07 16:34:34 Creating order ...
2020/03/07 16:34:35 Order URL: https://acme-staging-v02.api.letsencrypt.org/acme/order/12680161/78310780
2020/03/07 16:34:35 Starting webserver on :80
2020/03/07 16:34:35 Failed to listen on port 80, will fall back to webroot solver: listen tcp :80: bind: address already in use
2020/03/07 16:34:35 [WEBROOT] Wrote /usr/local/apache/htdocs/.well-known/acme-challenge/lD0Mz_YsR_ZhavKj2Gfas7XQCShV-3cOVnNX7InbIDc
2020/03/07 16:34:35 Responding to challenges ...
2020/03/07 16:34:36 [WEBROOT] Removing /usr/local/apache/htdocs/.well-known/acme-challenge/lD0Mz_YsR_ZhavKj2Gfas7XQCShV-3cOVnNX7InbIDc
2020/03/07 16:34:37 Failed to issue certificate: responding to challenge https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/42552507/Rwjm9A failed: acme: error code 403 "urn:ietf:params:acme:error:unauthorized": Invalid response from http://ns3.djpnetworks.com.au/.well-known/acme-challenge/lD0Mz_YsR_ZhavKj2Gfas7XQCShV-3cOVnNX7InbIDc [103.108.228.102]: "\n\n\n500 Internal Ser"

Any help with this issue would be much appreciated.

Working but after a while...

After a while it gives the following error:

From: Cron root@ns2 /usr/local/letsencrypt-cpanel-dnsonly/acmetool --batch reconcile

20171201135503 [ERROR] acme.storageops: Target(ns2.myhostname.nl;https://acme-v01.api.letsencrypt.org/directory;0): failed to request certificate: cannot prompt the user: currently non-interactive

20171201135503 [ERROR] acme.storageops: error while processing targets: the following errors occurred:

error satisfying Target(ns2.myhostname.nl;https://acme-v01.api.letsencrypt.org/directory;0): cannot prompt the user: currently non-interactive

20171201135503 [ERROR] acme.storageops: failed to reconcile: the following errors occurred:

error satisfying Target(ns2.myhostname.nl;https://acme-v01.api.letsencrypt.org/directory;0): cannot prompt the user: currently non-interactive

20171201135504 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:

error satisfying Target(ns2.myhostname.nl;https://acme-v01.api.letsencrypt.org/directory;0): cannot prompt the user: currently non-interactive

What can I do about this? I replaced my original hostname with myhostname.

I have an issue with this

[root@ns1 ~]# yum -y install letsencrypt-cpanel-dnsonly
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Could not retrieve mirrorlist http://httpupdate.cpanel.net/cPAddons-c7-x86_64-mirrorlist error was
14: curl#7 - "Failed connect to httpupdate.cpanel.net:80; Connection refused"

One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:

 1. Contact the upstream for the repository and get them to fix the problem.

 2. Reconfigure the baseurl/etc. for the repository, to point to a working
    upstream. This is most often useful if you are using a newer
    distribution release than is supported by the repository (and the
    packages for the previous distribution release still work).

 3. Run the command with the repository temporarily disabled
        yum --disablerepo=<repoid> ...

 4. Disable the repository permanently, so yum won't use it by default. Yum
    will then just ignore the repository until you permanently enable it
    again or use --enablerepo for temporary usage:

        yum-config-manager --disable <repoid>
    or
        subscription-manager repos --disable=<repoid>

 5. Configure the failing repository to be skipped, if it is unavailable.
    Note that yum will try to contact the repo. when it runs most commands,
    so will have to try and fail each time (and thus. yum will be be much
    slower). If it is a very temporary problem though, this is often a nice
    compromise:

        yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true

Cannot find a valid baseurl for repo: cpanel-addons-production-feed/7/x86_64

Automatic renewal of an installed certificate

Hello,

I need to perform automatic renewal of the certificates I have installed on cPanel DNSONLY servers.

Currently on one server I have set up the below cron job to run as root:

0 0 1 2,5,8,11 /usr/local/letsencrypt-cpanel-dnsonly/acmetool --xlog.severity=debug reconcile >/dev/null 2>&1

The certificate in my example expires on 15th of May 2018 and I have set the renewal on the first day every three months.

Is my approach correct? Will cPanel services be restarted automatically to get the renewed certificate? Or do you suggest another procedure?

Thank you in advance,
Dimitris

Nothing happens on cPanel v80+

I followed the website instructions, and no cert was generated or installed.
No error messages. Just ok messages, but nothing happened.
Have you tried the script on cPanel 80?

Not Working in Latest cPanel DNSONLY v78.0.12

service: cpanel
service_description: Calendar, cPanel, WebDisk, Webmail, and WHM Services
metadata:
command: install_service_ssl_certificate
reason: OK
result: 1
version: 1
cpanel: unrecognized service
20190225162313 [ERROR] acme.hooks: hook script: /usr/libexec/acme/hooks/certificate-hook.sh: exit status 1

/etc/cron.d/fleetssl-dnsonly not executing

I have the latest version of letsencrypt-cpanel-dnsonly-1.0.4-1.x86_64 on CentOS7.8 3.10.0-957.1.3.el7.x86_64

Lately, I received continual notifications that the service SSL certificates had not been renewed. Checking /var/log/cron, fleetssl-dnsonly is not executing as it should every twelve hours.

/etc/cron.d/fleetssl-dnsonly contains:

0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/fleetssl-dnsonly

I've tried reinstalling. Running /usr/local/bin/fleetssl-dnsonly manually works fine. Executing python -c 'import random; import time; time.sleep(random.random() * 3600)' manually works fine.

I don't see any evidence of /etc/cron.d/fleetssl-dnsonly being triggered in the cron log.

Has anyone seen this and/or has a fix other than hacking or removing the default /etc/cron.d/fleetssl-dnsonly entry and adding it to root's crontab?

certificates not installed on my dnsonly hosts

Hi, I get the following error trying to use your tool:

!!! Please wait, trying to issue certificate now !!!
20180202173736 [ERROR] acme.storageops: could not obtain authorization for removed.host.name: failed all combinations
20180202173736 [ERROR] acme.storageops: Target(removed.host.name;https://acme-v01.api.letsencrypt.org/directory;0): failed to request certificate: failed all combinations
20180202173736 [ERROR] acme.storageops: error while processing targets: the following errors occurred:
error satisfying Target(removed.host.name;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20180202173736 [ERROR] acme.storageops: failed to reconcile: the following errors occurred:
error satisfying Target(removed.host.name;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
20180202173736 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(removed.host.name;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations
warning: %post(letsencrypt-cpanel-dnsonly-0.0.2-1.x86_64) scriptlet failed, exit status 1
Non-fatal POSTIN scriptlet failure in rpm package letsencrypt-cpanel-dnsonly-0.0.2-1.x86_64
  Verifying  : letsencrypt-cpanel-dnsonly-0.0.2-1.x86_64                                                                              1/1

Error 404 - Unable to install or update via yum

After doing a 'yum clean all' I am now getting these "HTTPS Error 404 - Not Found" error messages over all four of our DNS servers. I have had this issue for over a week now. Please see attached Error and the yum-config-manager --enable letsencrypt-cpanel settings.

[root@ns1 ~]# yum update
Loaded plugins: fastestmirror, universal-hooks
Loading mirror speeds from cached hostfile

https://wiki.centos.org/yum-errors

If above article doesn't help to resolve this issue please use https://bugs.centos.org/.

letsencrypt-cpanel/primary_db FAILED
https://r.cpanel.fleetssl.com/repodata/e0ae807b589ffbec3c4fc161d59444ffcd6fdd32c8944f6ebf6c99c6a05df482-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found ] 0.0 B/s | 0 B --:--:-- ETA
Trying other mirror.
https://r.cpanel.fleetssl.com/repodata/e0ae807b589ffbec3c4fc161d59444ffcd6fdd32c8944f6ebf6c99c6a05df482-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.

One of the configured repositories failed (Let's Encrypt for cPanel),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:

 1. Contact the upstream for the repository and get them to fix the problem.

 2. Reconfigure the baseurl/etc. for the repository, to point to a working
    upstream. This is most often useful if you are using a newer
    distribution release than is supported by the repository (and the
    packages for the previous distribution release still work).

 3. Run the command with the repository temporarily disabled
        yum --disablerepo=letsencrypt-cpanel ...

 4. Disable the repository permanently, so yum won't use it by default. Yum
    will then just ignore the repository until you permanently enable it
    again or use --enablerepo for temporary usage:

        yum-config-manager --disable letsencrypt-cpanel
    or
        subscription-manager repos --disable=letsencrypt-cpanel

 5. Configure the failing repository to be skipped, if it is unavailable.
    Note that yum will try to contact the repo. when it runs most commands,
    so will have to try and fail each time (and thus. yum will be be much
    slower). If it is a very temporary problem though, this is often a nice
    compromise:

        yum-config-manager --save --setopt=letsencrypt-cpanel.skip_if_unavailable=true

failure: repodata/e0ae807b589ffbec3c4fc161d59444ffcd6fdd32c8944f6ebf6c99c6a05df482-primary.sqlite.bz2 from letsencrypt-cpanel: [Errno 256] No more mirrors to try.
https://r.cpanel.fleetssl.com/repodata/e0ae807b589ffbec3c4fc161d59444ffcd6fdd32c8944f6ebf6c99c6a05df482-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
[root@ns1 ~]#

[root@ns1 ~]# yum-config-manager --enable letsencrypt-cpanel
Loaded plugins: fastestmirror
========================================================================================================= repo: letsencrypt-cpanel ==========================================================================================================
[letsencrypt-cpanel]
async = True
bandwidth = 0
base_persistdir = /var/lib/yum/repos/x86_64/7
baseurl = https://r.cpanel.fleetssl.com
cache = 0
cachedir = /var/cache/yum/x86_64/7/letsencrypt-cpanel
check_config_file_age = True
compare_providers_priority = 80
cost = 1000
deltarpm_metadata_percentage = 100
deltarpm_percentage =
enabled = 1
enablegroups = True
exclude =
failovermethod = priority
ftp_disable_epsv = False
gpgcadir = /var/lib/yum/repos/x86_64/7/letsencrypt-cpanel/gpgcadir
gpgcakey =
gpgcheck = False
gpgdir = /var/lib/yum/repos/x86_64/7/letsencrypt-cpanel/gpgdir
gpgkey =
hdrdir = /var/cache/yum/x86_64/7/letsencrypt-cpanel/headers
http_caching = all
includepkgs =
ip_resolve =
keepalive = True
keepcache = False
mddownloadpolicy = sqlite
mdpolicy = group:small
mediaid =
metadata_expire = 21600
metadata_expire_filter = read-only:present
metalink =
minrate = 0
mirrorlist =
mirrorlist_expire = 86400
name = Let's Encrypt for cPanel
old_base_cache_dir =
password =
persistdir = /var/lib/yum/repos/x86_64/7/letsencrypt-cpanel
pkgdir = /var/cache/yum/x86_64/7/letsencrypt-cpanel/packages
proxy = False
proxy_dict =
proxy_password =
proxy_username =
repo_gpgcheck = False
retries = 10
skip_if_unavailable = False
ssl_check_cert_permissions = True
sslcacert =
sslclientcert =
sslclientkey =
sslverify = True
throttle = 0
timeout = 30.0
ui_id = letsencrypt-cpanel
ui_repoid_vars = releasever,
basearch
username =

AlmaLinux

Hello,

Any plan to add support for that OS?

It's the OS for cPanel.

dnf install letsencrypt-cpanel-dnsonly
Last metadata expiration check: 0:07:58 ago on Wed 07 Apr 2021 05:24:45 PM UTC.
Package letsencrypt-cpanel-dnsonly-0.1.1-1.x86_64 is already installed.
Error:
Problem: cannot install the best candidate for the job

 - nothing provides python needed by letsencrypt-cpanel-dnsonly-1.1.0-1.x86_64
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)

Unable to issue cert on cPanel DNSONLY 86

It seems like cPanel has made some changes to version 86, where a default vhost is live on port 80 and 443. This means that the verification for issuing certs cannot be done.

# rpm -q letsencrypt-cpanel-dnsonly
letsencrypt-cpanel-dnsonly-1.0.2-1.x86_64

# /usr/local/bin/fleetssl-dnsonly
2020/02/19 12:56:25 fleetssl-dnsonly/1.0.2
2020/02/19 12:56:25 Will issue certificate because: no existing certificate exists
2020/02/19 12:56:26 Creating/fetching ACME account ...
2020/02/19 12:56:26 ACME Account URL: https://acme-v02.api.letsencrypt.org/acme/acct/[REDACTED]
2020/02/19 12:56:26 Creating order ...
2020/02/19 12:56:26 Order URL: https://acme-v02.api.letsencrypt.org/acme/order/[REDACTED]/[REDACTED]
2020/02/19 12:56:27 Starting webserver on :80
2020/02/19 12:56:27 Failed to issue certificate: Failed to listen on port 80: listen tcp :80: bind: address already in use

Is this something you're working on?

error satisfying Target

I've tried to run this script on my DNS only servers and it all runs through and installs ok but fails at the end.

A debug returns the error:

20190624232959 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(server.domain.com.au;https://acme-v01.api.letsencrypt.org/directory;0): failed all combinations

where server.domain.com.au = my server hostname

SSL Certificate Cronjob not working

I have recently noticed I am getting emails to indicate my SSL Certificate is about to expire in 15 days. Seems like a cronjob issue, since running the manual command updated the certificate just fine.

The email I am getting is from the cPanel DNS Only Server.
Domains: | ns4.yourdomain.com
Issuer: | Let's Encrypt
Key Size: | 2048
Expires: | Tuesday, October 15, 2019 at 7:00:10 AM UTC

And I am currently running the latest version.
