Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Failed to automatic renew certificate

    Scheduled Pinned Locked Moved ACME
    4 Posts 2 Posters 825 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • UnoptanioU
      Unoptanio
      last edited by Unoptanio

      Pfsense 2.7.0
      ACME 0.7.5
      I use it to secure access the webgui from the internet

      a9cfa98f-faec-4140-b616-ad0af8b1cab7-image.png

      What is going on?
      Why doesn't the certificate automatically renew?

      Message1 in email
      7af079d1-f572-431b-bc5b-e96c7ce8f485-image.png

      Message2 in email
      a8226eba-3224-449b-9038-ce11c41726a5-image.png

      84a2786c-5dda-4f07-a554-eb2bc0fe89d0-image.png

      Why did I receive the email notification of failure to renew the certificate?

      f1907cc0-c201-4d39-8b8c-d24fd76691a4-image.png

      126b9348-e796-4d10-b7b5-ffe6ed0c0765-image.png

      now, by clicking on the certificate renewal button you will see:
      [Fri Nov 24 15:22:09 CET 2023] The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead.

      539d26eb-345a-481b-bdca-b8d83c5dfa8f-image.png

      I have changed absolutely nothing since I created the certificate the first time.
      This would be my first certificate renewal

      Until now I have been using certified without any problems. and I'm still continuing to use it because it hasn't expired yet

      510023c6-3c45-4688-9e8f-994515433c20-image.png

      pfSensePlus24.03 2U BareMetal Asrock Industrial IMB-X1314MicroATX
      CPU: i7-13700@5.2GHz, RAM:32GB ECC, n°2 Samsung 870EVO SATA 2.5” SSD 1TB (ZFS) Raid1
      n°3 Intel i225-LM 2500/1000/100Mbps, n°1 NIC Intel i350-T4V2 10/100/1000 Mbps 4*GLAN, n°1 Intel X520-DA2

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @Unoptanio
        last edited by

        @Unoptanio I don’t use ACME but “manual mode” needs you to make the DNS change again:
        https://docs.netgate.com/pfsense/en/latest/packages/acme/settings-validation.html#dns-manual

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        UnoptanioU 1 Reply Last reply Reply Quote 0
        • UnoptanioU
          Unoptanio @SteveITS
          last edited by Unoptanio

          @SteveITS
          What system can I use that works and does automatic renewal? I use it to access the webgui from the internet.

          I have Aruba DNS
          Is it possible use Aruba API to update TXT record ?

          pfSensePlus24.03 2U BareMetal Asrock Industrial IMB-X1314MicroATX
          CPU: i7-13700@5.2GHz, RAM:32GB ECC, n°2 Samsung 870EVO SATA 2.5” SSD 1TB (ZFS) Raid1
          n°3 Intel i225-LM 2500/1000/100Mbps, n°1 NIC Intel i350-T4V2 10/100/1000 Mbps 4*GLAN, n°1 Intel X520-DA2

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS Galactic Empire @Unoptanio
            last edited by

            @Unoptanio I don’t think so? The other methods are all on that page.

            Or just use the self signed cert.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote 👍 helpful posts!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.