Open Waldorf3 opened 2 years ago
the1ts
commented
2 years ago @Waldorf3 There is a problem with renewing if force SSL is turned on, if that is true for you, turn off force SSL, renew then turn back on. Its awaiting a fix to be merged #2038
huntitus
commented
2 years ago We have the same symptoms. The certificates not renewed by automatically. When I try to renew manually on the GUI, it provide an "internal error" message (without any error code, or details). Sadly this solution is not reliable :/
Edit:
Looks like this problem is very old :/ and still exist.
Waldorf3
commented
2 years ago We have the same symptoms. The certificates not renewed by automatically. When I try to renew manually on the GUI, it provide an "internal error" message (without any error code, or details). Sadly this solution is not reliable :/
Edit:
- Turning off the "force SSL" option not worked for me.
- This solution, (from 2022 March 24) worked for me: Renew now on SSL Certificates page gives internal error #1816 (comment)
Looks like this problem is very old :/ and still exist.
I already tried the "uncheck force ssl and reissue cert", it just throws an "internal error".
I'm running NPM in docker, not sure how to start fiddling with a script to fix this. Would be better if the author would acknowledge the bug and offer a proper solution.
Waldorf3
commented
2 years ago I'm just realizing I might be barking up the wrong tree. Is jc21 the actual developer/maintainer of this code, or just the docker-packager? If not, who is responsible for the code, who can fix this bug?
I actually find the NPM SSL subsystem to be quite fragile. If for example you try to enable SSL for a site that does not have a root directory, such as for example ubooquity (requires http://ubooquity/ubooquity) it will also fail with a nondescript "internal error", and only way to fix is manually cleaning up the database. That's a viable solution for a single failed certificate, not for a system with 30 or more proxy hosts with failed certs.
the1ts
commented
2 years ago JC21 is the developer and the only fragility at the moment that I see is the renew issue outstanding a merge. I simply don't see how NPM fronting for ubooquity results in an internal error that requires DB cleanup. The application isn't even hit for letsencrypt SSL certs to be created via the HTTP auth method. Also picking a pretty broken by modern standards application like ubooquity to measure success is odd. It has, as you say, no root directory so requires special measures and also a different port for admin so requires special measures again, no tool calling itself easy to use can be expected to handle both those broken by modern standards decisions. Often internal errors are after people remove active SSL certs breaking Nginx config i.e. ignoring the warning. What specific errors are you still getting?
EDIflyer
commented
2 years ago Just to confirm that PR #2038 by @the1ts seems to be doing the trick for me.
github-actions[bot]
commented
9 months ago Issue is now considered stale. If you want to keep it open, please comment :+1:
Saibamen
commented
9 months ago 👍
jdhorner
commented
5 days ago 👍
After using this container for months, if not years, with minimal interaction necessary, suddenly certificates are no longer automatically updated. Nothing changed in my environment so I'm a bit at a loss what happened.
From the log: