Since this week I am receiving this emails, with subject "SSL/TLS certificate problems on server server.gdnet.ar" (which server.gdnet.ar is the domain of my server), with this meesage:
Hello gdnet!
During the routine check of the SSL/TLS certificates, the following problems occurred:
Curl: Resolving timed out after 15000 milliseconds (https://acme-v02.api.letsencrypt.org/directory)
Valid until: 2021-10-21 20:16:13 (14 day(s) left)
------------------------------------
Best regards,
Your support team
---
This message was generated automatically.
Please do not reply to this email.
Now, all those domains do respond locally (and of course outside the server). What could be causing this problem suddenly? Some kind of "automatic" blocking of letsencrypt domains/services?
Like I said, this is new. Never received these messages.
On the "14 days left" I see - so I think- this is the first message. Maybe a temporary problem of LE.
But if the message come nightly again and again... You have modified the OS or the system? Your provider use new firewall rules?
You can add a subdomain with a new certificate?
The software said: Requires Win Vista®, 7®, 8® or better. And so I installed Linux.
nikko wrote: ↑Thu 7. Oct 2021, 23:00
On the "14 days left" I see - so I think- this is the first message. Maybe a temporary problem of LE.
But if the message come nightly again and again... You have modified the OS or the system? Your provider use new firewall rules?
You can add a subdomain with a new certificate?
Hi,
I didn't modified anything in my server at all. And no, is no the first. This is the 5º day by now with the same message.
No firewall rules changed, no DNS changed. Like I said, all those domains does response locally (testes with host and nslookup)
is there a way test it? Maybe disabling Let's Encrypt and enabling it again for those domains? I have others domains with Let's Encrypt which are not included in the message list, which is even more weird.
Can you ping the domain "acme-v02.api.letsencrypt.org" from your server?
You can also try to manually trigger the renew of certificates. To do so, enter the command: "keyhelp-toolbox" in the CLI and navigate to "6)" -> "8)".
Maybe your server has some kind of capacity issues, when performing this renew during the default time frame.
Mit freundlichen Grüßen / Best regards
Alexander Mahr
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
This could be a problem? For example, one of the domain that is failing (chat.gdnet.ar): I have a custom settings for apache in all those domains that are failing, like this one:
Certificate name: chat.gdnet.ar (Let's Encrypt)
Local resolving checks failed for domain "chat.gdnet.ar". Please ensure that your domain is locally resolvable!
Person there seems to have the same type of issue.
Greetings Bas.
Ik heb KeyHelp naar het Nederlands vertaald, contacteer me als er translatie fouten zijn.
(I have translated KeyHelp into Dutch, contact me if there are translation errors.)
Next version 24 of KeyHelp 100% translated.