Control Web Panel
WebPanel => SSL => Topic started by: hanliong on June 21, 2023, 02:27:05 AM
-
I have strange condition with CWP. I have deleted the subomdin of abc.domainname.com
I have checked that there is no abc.domainname.com under /var/named/, /home/, subdomain, domain, and accounts.
But everyday I got email alert like this:
[Wed Jun 21 00:10:37 +08 2023] abc.domainname.com:Verify error:DNS problem: NXDOMAIN looking up A for abc.domainname.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for abc.domainname.com - check that a DNS record exists for this domain
[Wed Jun 21 00:10:37 +08 2023] Please check log file for more details: /root/.acme.sh/cwp_certs/acme.sh.log
[Wed Jun 21 00:10:38 +08 2023] Error renew abc.domainname.com_ecc.
How can I solve this, so it does not try to renew the SSL anymore?
Thanks.
-
Is the subdomain still listed as an orphan under Webserver Settings > SSL Certificates? If so, delete it. Otherwise, you may need to manually delete the LetsEncrypt/AutoSSL config file.
-
No, it is not listed under the SSL Certificate, too.
How to remove it manually from the Lets Encrypt config file? where is the file location?
Thanks.
-
/root/.acme.sh/cwp_certs/As an example, you would delete the offending domain:
rm -rf /root/.acme.sh/cwp_certs/www.domain.comWhich removes the domain configuration, certificates and keys -- so make SURE you want to do this:
[root@srv]# ls -al /root/.acme.sh/cwp_certs/www.domain.com
total 40
drwxr-xr-x. 3 root root 211 Apr 1 2021 .
drwxr-xr-x. 89 root root 4096 Jun 21 22:22 ..
drwxr-xr-x. 2 root root 58 Apr 1 2021 backup
-rw-r--r--. 1 root root 3751 May 23 00:42 ca.cer
-rw-r--r--. 1 root root 5682 May 23 00:42 fullchain.cer
-rw-r--r--. 1 root root 1931 May 23 00:42 www.domain.com.cer
-rw-r--r--. 1 root root 918 May 23 00:42 www.domain.com.conf
-rw-r--r--. 1 root root 1094 May 23 00:42 www.domain.com.csr
-rw-r--r--. 1 root root 259 May 23 00:42 www.domain.com.csr.conf
-rw-r--r--. 1 root root 1679 Apr 1 2021 www.domain.com.key]
-
I also have the problem that an attempt is made to generate ssl for subdomains that no longer exist. Is there any reaction from CWP management if and when the problem will be fixed?
-
It's not a problem, sounds like the domain wasn't deleted thru CWP.
If you look in DNS, you will probably see the domain name still listed.
You will have to manually delete the DNS & SSL certificates like overseer explained.
-
It's not a problem, sounds like the domain wasn't deleted thru CWP.
If you look in DNS, you will probably see the domain name still listed.
You will have to manually delete the DNS & SSL certificates like overseer explained.
It is apparently a bug and should be solved. If we do everything ourselves, then we don't need a CWP... Sorry, but that's the truth...
-
Not a bug, something just went wrong somewhere, and needs to be done manually.
Is simple to do for a sysadmin. And @overseer even gave the commands to run in the CLI.
But good luck finding a free managed solution out there.
There isn't one. Sorry for the truth, but there it is.
-
Especially a bug-free management solution!
The way I look at it, I could use just the CLI on a headless install and manage just fine (but possibly with a boost from Copilot or Webmin) -- but the main driver for having a control panel is for the sake of the end user customers, unless you're only selling managed hosting packages where you do all the leg work. You can't give out a shell account and say "Good luck, have fun!"