Letsencrypt auto renew?

Morphy · May 19, 2017, 9:37pm

line=“30 2 * * 1 “~/acme.sh”/acme.sh --cron --home “~/acme.sh” > /dev/null” (crontab -u root -l; echo “$line” ) | crontab -u root -

JMSolo · May 19, 2017, 9:38pm

I’ll make this simpler. The above is intended to be used as a command to add it to the file for you… not within the crontab.

Just add this line to crontab -e

"30 2 * * 1 "~/acme.sh"/acme.sh --cron --home "~/acme.sh" > /dev/null"

Morphy · May 19, 2017, 9:39pm

DevilBox:/home# crontab -e
no crontab for root - using an empty one
crontab: installing new crontab
"/tmp/crontab.6hE5OD/crontab":22: bad minute
errors in crontab file, can’t install.
Do you want to retry the same edit? (y/n)

JMSolo · May 19, 2017, 9:39pm

Sorry, remove the quotes…

30 2 * * 1 "~/acme.sh"/acme.sh cron home "~/acme.sh" > /dev/null

Morphy · May 19, 2017, 9:41pm

added and rebooting brb

JMSolo · May 19, 2017, 9:41pm

There’s really no need to reboot after adding the cron entry

Morphy · May 19, 2017, 9:41pm

Oh well … can’t stop it now heheheh

bate · May 19, 2017, 9:42pm

This was installed using box install letsencrypt
Is your sudo crontab -e completely empty?

Morphy · May 19, 2017, 9:44pm

Yep … but now I added the line as JMsolo showed me.

bate · May 19, 2017, 9:45pm

Crontab -e usually holds

# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h  dom mon dow   command

Morphy · May 19, 2017, 9:45pm

ahh well that info was there but not the cronjob

Morphy · May 19, 2017, 9:46pm

Oh while you are here Bate - how do i update the LE?

bate · May 19, 2017, 9:51pm

This will update the cert

Morphy · May 19, 2017, 9:52pm

Ahh perfect

Thanks for the help guys - very much appreciated .

Morphy

Stiffy · May 30, 2017, 4:56pm

Just want to check if only me but this doesnt work.
I’ve PMed JMSolo few hours ago as he was the one that installed the quickbox DNS for me, but it doesnt seem to autorenew. He states it should on the day it expires, but it didnt. Now when i go to dashboard, i first get an error page (Not secure) with error message NET::ERR_CERT_DATE_INVALID.
I also looked in my crontab -e and i do have these

30 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
30 2 * * 1 ~/acme.sh/acme.sh --cron --home ~/acme.sh > /dev/null
30 2 * * 1 ~/acme.sh/acme.sh --cron --home ~/acme.sh > /dev/null

but now the day after it expired i have an unsecure site.
Do note i have not touched anything with this dns stuff, everything is after jmsolo installed it for me from my order. Anyone can help?

Stiffy · May 31, 2017, 3:02pm

Forgot to mention the solution, as JMSolo autorenew doesnt work.
If you need to renew, just sign in to root ssh and write

/root/.acme.sh/acme.sh --renew -d domain.quickbox.io

Dont forget to stop apache2 first and start it after when done.
Now my site is secure via https again.

JMSolo · May 31, 2017, 5:34pm

I answered your PM. The problem is the duplicate entries you have in your cron, not necessarily the lack of domain. It will automagically find the cert and update accordingly.

ondansetron · February 28, 2018, 7:29am

I wanted to post an update as none of the above solutions worked for me. It seems that the issue with auto-renew is related to apache2 not being stopped by acme.sh when it attempts to renew. I get the following error when I attempted manual renewal using bash ~/acme.sh-master/acme.sh --renew -d mydomain.com

[Wed Feb 28 02:24:01 EST 2018] LISTEN     0      128         :::80                      :::*                   users:(("apache2",pid=10843,fd=4),("apache2",pid=10842,fd=4),("apache2",pid=10841,fd=4),("apache2",pid=10840,fd=4),("apache2",pid=10828,fd=4),("apache2",pid=10824,fd=4),("apache2",pid=3772,fd=4),("apache2",pid=3771,fd=4),("apache2",pid=3770,fd=4),("apache2",pid=3766,fd=4),("apache2",pid=3761,fd=4),("apache2",pid=3011,fd=4))
[Wed Feb 28 02:24:01 EST 2018] tcp port 80 is already used by 80
[Wed Feb 28 02:24:01 EST 2018] Please stop it first
[Wed Feb 28 02:24:01 EST 2018] _on_before_issue.

So i stopped the apache2 service manually (systemctl stop apache2.service) then ran the above command, it successfully renewed letsencrypt. I restarted apache2 manually as well and it’s working.

bate · February 28, 2018, 10:35am

system · March 3, 2018, 10:35am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.