Author Topic: New SSL configure options  (Read 965 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
New SSL configure options
« on: March 25, 2020, 07:15:43 AM »
Can someone explain to me how these settings are supposed to work under Auto Renovations and Automatic SSL generation?

I noticed the new options there yesterday, and I left them as shown in the image, checking the possible options available. Today I noticed that CWP had installed certificates to all domains on my server, even though I had not checked "Enable"-button in Automatic SSL generation.

And what does SAN stand for?

Offline
***
Re: New SSL configure options
« Reply #1 on: March 25, 2020, 10:00:05 AM »
Another stealth "enhancement", this time with English flaws (renovations?).
@Soisku don't take what the text alongside a button, to mean what you think it means. It may have been lost in translation. ;)
Google is your friend (other search engines exist)..
https://duckduckgo.com/?q=SSL+SAN
Running a server/VPS means YOU take responsibility to learn how to do it properly. If you can't manage, buy shared hosting.
Private messages asking for unpaid help may be ignored.

Offline
*
Re: New SSL configure options
« Reply #2 on: March 25, 2020, 11:47:37 AM »
Looks like SAN was too simple for me to miss. I thought it might have been something CWP specific :P Should I assume that if I have the setting "Not renew SAN" enabled, my www-subdomains wouldn't be included in the next sertificate renewal?

The bigger mystery is why all my domains got certified in the first place when automatic SSL generation wasn't on. I found all of them being installed via acme.sh starting at 00:00 sharp (logged inside acme.sh.log).

Offline
*
Re: New SSL configure options
« Reply #3 on: March 31, 2020, 05:58:55 AM »
I have deleted unnecessary certificates from the list, but they keep coming back even though I don't have Automatic SSL generation active. Documentation over this matter is empty https://docs.control-webpanel.com/docs/admin-guide/webservers-settings/ssl-certificates

A few domains renewed their certificates ignoring the set autorenew window, and all of them ignored www-subdomain yet again. I feel kind of lost here.

Offline
*
Re: New SSL configure options
« Reply #4 on: April 01, 2020, 06:54:17 AM »
I changed the settings on one server to look like this yesterday:


However, today I saw that the server had still installed new certificates to domains from which I had them previously deleted. I also noticed that root crontab looks like this:
Code: [Select]
37 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh/cwp_certs" > /dev/null
37 01 * * * /usr/local/cwp/php71/bin/php /usr/local/cwpsrv/htdocs/resources/admin/include/cron_autossl_renew_all_domains.php
00 00 * * * /usr/local/cwp/php71/bin/php /usr/local/cwpsrv/htdocs/resources/admin/include/cron_autossl_all_domains.php
00 00 * * * /usr/local/cwp/php71/bin/php /usr/local/cwpsrv/htdocs/resources/admin/include/alertandautorenewssl.php

On another server where I thankfully didn't touch those new SSL Configure options it looks like this:
Code: [Select]
05 01 * * * /usr/local/cwp/php71/bin/php /usr/local/cwpsrv/htdocs/resources/admin/include/alertandautorenewssl.php
05 01 * * * /usr/local/cwp/php71/bin/php /usr/local/cwpsrv/htdocs/resources/admin/include/cron_autossl_renew_all_domains.php
47 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh/cwp_certs" > /dev/null

Am I safe to assume that SSL Configure options are not working as intended?