Problem

CloudPanel failed to automatically renew a Let’s Encrypt SSL certificate, and renewing it manually returned an "unauthorized" error.

Solutions (did not work for me)

Credit to ccMatrix. Here are some possible causes, as listed by the project maintenance team:

https://feature-requests.cloudpanel.io/posts/362/auto-renew-ssl-certificates

  • the server OS does not have the cron service installed
  • the cron file in /etc/cron.d/clp was deleted or has incorrect permissions
  • the vhost was changed to not allow access to the acme challenge file anymore
  • the firewall restricts access for the public Let’s Encrypt servers, so they cannot read the challenge file
  • DNS records are wrong. Often an AAAA record was added with an incorrect IP, which breaks renewal.

pscriptos also provided a quality script solution:

https://github.com/cloudpanel-io/cloudpanel-ce/discussions/408
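
The causes listed above can be checked directly on the server. The script below is an added example, not CloudPanel's code and not the script from the linked discussion; the function names and the `probe` file name are hypothetical, and it assumes a Debian/Ubuntu host that holds its public IPv6 address directly.

```bash
#!/usr/bin/env bash
# Added example: checks for the renewal-failure causes listed above.
# Run on the CloudPanel server as root: bash check-renewal.sh <domain>

# Debian cron skips /etc/cron.d files that are not owned by root (uid 0)
# or that are writable by group/others.
check_cron_file() {
  local file="$1" uid="${2:-0}" mode
  [ -f "$file" ] || { echo "missing"; return 1; }
  [ "$(stat -c %u "$file")" = "$uid" ] || { echo "bad-owner"; return 1; }
  mode=$(stat -c %a "$file")
  [ $(( 0$mode & 022 )) -eq 0 ] || { echo "bad-mode"; return 1; }
  echo "ok"
}

# Print each AAAA record ($1) that is not among the server's IPv6 addresses ($2).
stale_aaaa() {
  local rec addr found
  for rec in $1; do
    found=no
    for addr in $2; do
      if [ "$rec" = "$addr" ]; then found=yes; fi
    done
    if [ "$found" = no ]; then echo "$rec"; fi
  done
}

# Interpret the HTTP status returned for a probe under the ACME challenge path.
challenge_verdict() {
  case "$1" in
    000)     echo "unreachable" ;;  # no answer: firewall or wrong DNS
    401|403) echo "blocked" ;;      # vhost denies the challenge directory
    *)       echo "reachable" ;;    # 404 is normal for a file that does not exist
  esac
}

main() {
  local domain="$1" local6 code
  systemctl is-active --quiet cron || echo "cron service is not running"
  echo "cron file: $(check_cron_file /etc/cron.d/clp)"
  local6=$(ip -6 -o addr show scope global | awk '{sub(/\/.*/, "", $4); print $4}')
  echo "stale AAAA: $(stale_aaaa "$(dig +short AAAA "$domain")" "$local6")"
  code=$(curl -s -o /dev/null -w '%{http_code}' \
    "http://$domain/.well-known/acme-challenge/probe")
  echo "challenge path: $(challenge_verdict "$code")"
}
[ $# -eq 0 ] || main "$@"
```

Repeat the curl probe from a host outside the firewall as well, since the server reaching itself does not exercise the inbound rules that Let’s Encrypt's validation servers pass through.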

Workaround

None of the solutions above worked for me in the very limited time I had, so I decided to go with a Cloudflare certificate.

https://www.cloudpanel.io/docs/v2/frontend-area/tls

  1. Enable the Proxy for the DNS records.
  2. Click on SSL/TLS in the left menu and choose the Full mode.
  3. Enable "Allow Traffic from Cloudflare only" for the website in CloudPanel.

Last modified: 28/08/2024
