Renewal of SAN certs not working #256

Closed
rip747 opened this issue Jul 11, 2016 · 8 comments

rip747 commented Jul 11, 2016

I am trying to renew a SAN cert with 100 domains that I created which expires 07/31/2016.

The scheduled task runs daily and completes without problem using the following:

C:\install\letsencrypt-win-simple.v1.9.1\letsencrypt.exe --renew --baseuri "https://acme-v01.api.letsencrypt.org/"

However, if I look at my Web Hosting certificate store, I still see the old cert that expires on 07/31/2016.

I next tried to run the renewal process manually to no avail:

PS C:\install\letsencrypt-win-simple.V1.9.1> .\letsencrypt.exe --renew --baseuri "https://acme-v01.api.letsencrypt.org/"

Let's Encrypt (Simple Windows ACME Client)
Renewal Period: 60
Certificate Store: WebHosting

ACME Server: https://acme-v01.api.letsencrypt.org/
Config Folder: C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org
Certificate Folder: C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org
Loading Signer from C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\Signer

Getting AcmeServerDirectory
Loading Registration from C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\Registration
Checking Renewals
Checking Manual letsencrypt1..com (C:\websites) Renew After 9/9/2016
PS C:\install\letsencrypt-win-simple.V1.9.1>

I noticed that the "Renew After" date was in the future (09/09/2016), so I did some research and changed the date in:

HKCU\Software\letsencrypt-win-simple\https://acme-v01.api.letsencrypt.org/

to 07/01/2016 and tried running the manual renew process again and got the following:

PS C:\install\letsencrypt-win-simple.V1.9.1> .\letsencrypt.exe --renew --baseuri "https://acme-v01.api.letsencrypt.org/"

Let's Encrypt (Simple Windows ACME Client)
Renewal Period: 60
Certificate Store: WebHosting

ACME Server: https://acme-v01.api.letsencrypt.org/
Config Folder: C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org
Certificate Folder: C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org
Loading Signer from C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\Signer

Getting AcmeServerDirectory
Loading Registration from C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\Registration
Checking Renewals
Checking Manual letsencrypt1..com (C:\websites) Renew After 7/1/2016
Renewing certificate for Manual letsencrypt1..com (C:\websites) Renew After 7/1/2016
WARNING: Unable to renew.
Renewal Scheduled Manual letsencrypt1..com (C:\websites) Renew After 9/9/2016
PS C:\install\letsencrypt-win-simple.V1.9.1>

Don't know why I'm getting the "WARNING: Unable to renew." error.

I'm stuck and I don't know what to do and I don't want my cert to expire and still be in this pickle. Any help would be appreciated.

Collaborator

rkerber commented Jul 11, 2016

Did you create your cert with the manual plugin?

Author

rip747 commented Jul 11, 2016

Yes.

Collaborator

rkerber commented Jul 11, 2016

The manual plugin doesn't currently support renewals. #195 is an enhancement for the manual plugin to support renewals.

Author

rip747 commented Jul 11, 2016

What can I do (or what are others doing) in the meantime to get it to renew, and also how can I help you out to get the enhancement done?

Collaborator

rkerber commented Jul 11, 2016

You just have to issue the certificate again. So it's a new cert not a renewal.

It's going to be a while before I have any time to work on the enhancement. You can post under that enhancement and see if someone else has time to work on it.

Author

rip747 commented Jul 11, 2016

I'll work on the enhancement for you.

I've been looking at the code and issues and noticed that this worked in 1.6.

The only change I've seen in the ManualPlugin.cs between 1.6 and 1.9 that could affect this was this addition:

    public override void Renew(Target target)
    {
        Console.WriteLine(" WARNING: Unable to renew.");
    }

Looking at the same method in the IISPlugin.cs shows the following:

    public override void Renew(Target target)
    {
        _iisVersion = GetIisVersion();
        Auto(target);
    }

Obviously I need to get more familiar with the code, but this is what I got from the 5 minute tour :)


Collaborator

rkerber commented Jul 11, 2016

Technically none of the plugins actually renew any certs. They just issue a new cert with the same info as last time. So it doesn't really renew it. But even that's better than nothing.

If you read through the conversation in #195 and the other issues listed there, there was discussion about adding in a command line argument and maybe requiring the script to be specified.

I'm going to close this issue, and if you have other questions about it, you can post them in #195.

@rkerber rkerber closed this as completed Jul 11, 2016
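
A check for the failure described in this thread, where the scheduled task completes but the old certificate stays in the store (an added example, not part of the issue or of letsencrypt-win-simple). It lists certificates in the WebHosting store that are close to expiry and flags the `Unable to renew` warning in captured client output; the `LocalMachine` store location, the 30-day threshold and the `-RenewLog` file are assumptions.

```powershell
# Added example; not part of letsencrypt-win-simple.
param(
    # Assumption: the "WebHosting" store named in the client output is under LocalMachine.
    [string]$StorePath = 'Cert:\LocalMachine\WebHosting',
    # Assumption: alert when no more than this many days of validity remain.
    [int]$WarnDays = 30,
    # Optional, hypothetical: file holding the captured output of "letsencrypt.exe --renew".
    [string]$RenewLog
)

function Get-ExpiringCertificate {
    param([string]$StorePath, [int]$WarnDays)
    $now = Get-Date
    foreach ($cert in Get-ChildItem -Path $StorePath) {
        if ($cert.NotAfter -gt $now.AddDays($WarnDays)) { continue }
        # Subject Alternative Name extension (OID 2.5.29.17) carries the SAN host names.
        $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
        $sanText = ''
        if ($san) { $sanText = $san.Format($false) }
        [pscustomobject]@{
            Subject    = $cert.Subject
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
            DaysLeft   = [math]::Floor(($cert.NotAfter - $now).TotalDays)
            SanNames   = $sanText
        }
    }
}

$problem = $false

# The scheduled task in the thread completed without a problem while the client
# printed this warning, so look for the text explicitly.
if ($RenewLog -and (Test-Path -Path $RenewLog)) {
    if (Select-String -Path $RenewLog -SimpleMatch 'Unable to renew' -Quiet) {
        Write-Warning "Renewal output in $RenewLog contains 'Unable to renew'."
        $problem = $true
    }
}

# Judge by what is actually installed, not by the scheduled task's result.
$expiring = @(Get-ExpiringCertificate -StorePath $StorePath -WarnDays $WarnDays)
if ($expiring.Count -gt 0) {
    Write-Warning "$($expiring.Count) certificate(s) in $StorePath expire within $WarnDays days."
    $expiring | Sort-Object NotAfter | Format-List
    $problem = $true
}

if ($problem) { exit 1 }
```

Run as its own scheduled task after the renewal task, the non-zero exit code gives monitoring a signal that does not depend on the client's own result.
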
Author

rip747 commented Jul 11, 2016

ok. thank you for that info.

