This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Secure Sentora Domains with Let's Encrypt
#21
RE: Secure Sentora Domains with Let's Encrypt
Pfa help me someone i have a problem i maded a encript for a domain and all my server accounts are down Sad

i used that command form up

please help
Reply
Thanks given by:
#22
RE: Secure Sentora Domains with Let's Encrypt
(12-07-2016, 09:44 AM)ogika Wrote: Pfa help me someone i have a problem i maded a encript for a domain and all my server accounts are down Sad

i used that command form up

please help

Look for the file located at:
Code:
/etc/httpd/conf.d/ssl.conf

Open the file and look for the Listen 443 and comment it out with a # sign (
#Listen
443). Restart apache, run the Sentora daemon in bash/ssh and you should be back in business, that is unless you monkeyed with the httpd.conf or worse yet the httpd-vhosts.conf file. You can make changes to the file that will be over ridden in short order by SENTORA, but in some circumstances you cannot log back in to the panel to enter the correct data into the Apache Config module in SENTORA without making a short term change in that file. Remember it WILL get written over when the job runs that takes the data from in SENTORA and rewrites your httpd-vhosts.conf file at regular intervals.

Finally, while I should have mentioned this first, is the fact you have given us next to no information to go on. Please try and supply the community here with pertinent data about your server setup so we may help assist you further.

...and if your statement that follows:
Quote:i used that command form up
refers to you running out of authorizations with Let's Encrypt and need to wait a week or so for them to reset the system and allow you to try again, there is no one including Let's Encrypt that can help you with that - you must be banned for a term, otherwise they would be inundated with requests that are wrong, or illegitimate. So if they have told you you are out of authorizations, you will have to wait the term stated by them before even attempting to use Let's Encrypt for whatever domain you got temporarily banned from securing.

Keep in mind too, that the first thing you might want to investigate is all of your server logs. In your case I would guess the Apache log might be where to start, but if you find odd errors in any of the log files, repost them here for people to assist. Please use the <code block> icon above so your logs are not pages long on the forum.
Everyone makes mistakes, but to truly screw up it takes the root password!
Reply
Thanks given by: TGates
#23
RE: Secure Sentora Domains with Let's Encrypt
How to autorenew all SSL certificates (login Sentora and domains) - without our interventions?
It's ok to create a cron job like the following to run every 2 months?


Code:
1 0 * */2 * /path/to/letsencrypt-auto renew

Or there is another command?
Reply
Thanks given by:
#24
RE: Secure Sentora Domains with Let's Encrypt
A cron job should be the thing you do to renew all of them automatically, and yes use "letsencrypt-auto renew" to renew all of the certificates at once. You also could use epressions and list the month, but your idea is the most compact.
Code:
0 1 1 */2 * /path/to/letsencrypt-auto renew
This should run on the first day of every second month at 1:00.
Everyone makes mistakes, but to truly screw up it takes the root password!
Reply
Thanks given by:
#25
RE: Secure Sentora Domains with Let's Encrypt
I think a weekly or even daily crontab task would be more effective to ensure your sites stay active. (I use a daily crontab at 4am) I had issues when setting it monthly because it will only auto-renew a week or so before expiration.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by: worksmarter
#26
RE: Secure Sentora Domains with Let's Encrypt
Thank you both.
I assume that a daily cron job is better than weekly or monthly, especially if we have certs who are going to expire at different moments. So, my cron job is:

Code:
01 0 * * * /path/to/folder/letsencrypt/./letsencrypt-auto renew >> /var/log/letsencrypt/letsencrypt_renew.log
Reply
Thanks given by:
#27
RE: Secure Sentora Domains with Let's Encrypt
(01-08-2017, 05:58 PM)Bobses Wrote: Thank you both.
I assume that a daily cron job is better than weekly or monthly, especially if we have certs who are going to expire at different moments. So, my cron job is:

Code:
01 0 * * * /path/to/folder/letsencrypt/./letsencrypt-auto renew >> /var/log/letsencrypt/letsencrypt_renew.log

do i have to use this code as root ? nothing else to do before?
Reply
Thanks given by:
#28
RE: Secure Sentora Domains with Let's Encrypt
require remplace this code on doc

Code:
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto --help

retrun errorr

Code:
bash: ./letsencrypt-auto: No such file or directory

by this

Code:
git clone https://github.com/certbot/certbot
cd certbot/letsencrypt-auto-source
./letsencrypt-auto --help

or this


Code:
wget https://github.com/certbot/certbot/raw/master/letsencrypt-auto-source/letsencrypt-auto
chmod +x letsencrypt-auto
./letsencrypt-auto --help

or for new system

Ubuntu/Debian

Code:
apt-get -y install certbot

CentOS/RHEL/AlmaLinux/Rocky Linux/Fedora

Code:
dnf -y install certbot


easy use in full silent mode

not require stop apache

not require email adresse

Code:
certbot --non-interactive --agree-tos --register-unsafely-without-email --renew-by-default --standalone --http-01-port 90 certonly -d www.softwarecollections.org -d softwarecollections.org



letsencrypt-auto --non-interactive --agree-tos --register-unsafely-without-email --renew-by-default --standalone --http-01-port 90 certonly -d www.softwarecollections.org -d softwarecollections.org
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
Secure Sentora With SSLForFree Chris L 1 5 ,331 01-22-2020, 09:19 PM
Last Post: ralphharder
Fail2ban for Sentora (Centos 7) bbspike 14 48 ,755 01-14-2020, 07:32 AM
Last Post: Vedran B
Timeout for Sentora Admin Panel minufreelance 12 48 ,901 11-24-2018, 12:33 PM
Last Post: fearworks

Forum Jump:


Users browsing this thread: 1 Guest(s)