Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Failed to automatic renew certificate

    Scheduled Pinned Locked Moved ACME
    4 Posts 2 Posters 896 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • UnoptanioU Offline
      Unoptanio
      last edited by Unoptanio

      Pfsense 2.7.0
      ACME 0.7.5
      I use it to secure access the webgui from the internet

      a9cfa98f-faec-4140-b616-ad0af8b1cab7-image.png

      What is going on?
      Why doesn't the certificate automatically renew?

      Message1 in email
      7af079d1-f572-431b-bc5b-e96c7ce8f485-image.png

      Message2 in email
      a8226eba-3224-449b-9038-ce11c41726a5-image.png

      84a2786c-5dda-4f07-a554-eb2bc0fe89d0-image.png

      Why did I receive the email notification of failure to renew the certificate?

      f1907cc0-c201-4d39-8b8c-d24fd76691a4-image.png

      126b9348-e796-4d10-b7b5-ffe6ed0c0765-image.png

      now, by clicking on the certificate renewal button you will see:
      [Fri Nov 24 15:22:09 CET 2023] The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead.

      539d26eb-345a-481b-bdca-b8d83c5dfa8f-image.png

      I have changed absolutely nothing since I created the certificate the first time.
      This would be my first certificate renewal

      Until now I have been using certified without any problems. and I'm still continuing to use it because it hasn't expired yet

      510023c6-3c45-4688-9e8f-994515433c20-image.png

      pfSensePlus24.11 2U BareMetal Asrock Industrial IMB-X1314MicroATX
      CPU: i7-13700@5.2GHz, RAM:32GB ECC, n°2 Samsung 870EVO SATA 2.5” SSD 1TB (ZFS) Raid1
      n°3 Intel i225-LM 2500/1000/100Mbps, n°1 NIC Intel i350-T4V2 10/100/1000 Mbps 4*GLAN, n°1 Intel X520-DA2

      S 1 Reply Last reply Reply Quote 0
      • S Offline
        SteveITS Rebel Alliance @Unoptanio
        last edited by

        @Unoptanio I don’t use ACME but “manual mode” needs you to make the DNS change again:
        https://docs.netgate.com/pfsense/en/latest/packages/acme/settings-validation.html#dns-manual

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
        Upvote 👍 helpful posts!

        UnoptanioU 1 Reply Last reply Reply Quote 0
        • UnoptanioU Offline
          Unoptanio @SteveITS
          last edited by Unoptanio

          @SteveITS
          What system can I use that works and does automatic renewal? I use it to access the webgui from the internet.

          I have Aruba DNS
          Is it possible use Aruba API to update TXT record ?

          pfSensePlus24.11 2U BareMetal Asrock Industrial IMB-X1314MicroATX
          CPU: i7-13700@5.2GHz, RAM:32GB ECC, n°2 Samsung 870EVO SATA 2.5” SSD 1TB (ZFS) Raid1
          n°3 Intel i225-LM 2500/1000/100Mbps, n°1 NIC Intel i350-T4V2 10/100/1000 Mbps 4*GLAN, n°1 Intel X520-DA2

          S 1 Reply Last reply Reply Quote 0
          • S Offline
            SteveITS Rebel Alliance @Unoptanio
            last edited by

            @Unoptanio I don’t think so? The other methods are all on that page.

            Or just use the self signed cert.

            Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
            Upvote 👍 helpful posts!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.