Caprover: Auto Renew of SSL certificate didn't worked

Created on 7 Aug 2018  路  3Comments  路  Source: caprover/caprover

Hi,
The issue that i noticed today when i opened one of my servers with captain dashboard, that fall back to http and prompt me of insecure connection.
How can I manually renew SSL certificate , because somehow it didn't renewed automatically?
Thanks

Most helpful comment

Almost every 24hrs Captain performs a check on expiring SSL certs. This starts 1 minute after Captain boots up. The only reason that your certs are not getting updated could be that you've changed some configs, somewhere that makes Let'sEncrypt unable to perform validation check.

Anyways, to fix:
Method 1:
Restart Captain: https://caprover.com/docs/troubleshooting.html#how-to-restart-caprover

Wait for 5 minutes, retry to see if SSL issue is fixed. If not go to method 2:

Method 2:
run:

docker exec -it $(docker ps --filter name=captain-certbot -q) /bin/sh

Then

certbot renew

This command shows a complete report of errors and logs. IMPORTANT NOTE: even when everything is normal, you will see some errors related to the removed apps. You can safely ignore them, this is not affecting the process at all.

I'd be interested in knowing what the issue was. Please post an update here once you have more info.

All 3 comments

Almost every 24hrs Captain performs a check on expiring SSL certs. This starts 1 minute after Captain boots up. The only reason that your certs are not getting updated could be that you've changed some configs, somewhere that makes Let'sEncrypt unable to perform validation check.

Anyways, to fix:
Method 1:
Restart Captain: https://caprover.com/docs/troubleshooting.html#how-to-restart-caprover

Wait for 5 minutes, retry to see if SSL issue is fixed. If not go to method 2:

Method 2:
run:

docker exec -it $(docker ps --filter name=captain-certbot -q) /bin/sh

Then

certbot renew

This command shows a complete report of errors and logs. IMPORTANT NOTE: even when everything is normal, you will see some errors related to the removed apps. You can safely ignore them, this is not affecting the process at all.

I'd be interested in knowing what the issue was. Please post an update here once you have more info.

Thank you for your help, yes i noticed today it has renewed.
Also was wondering how can I turn off https for single app ?

Currently there's no way tor disabling https. Because there's no real use case for it. If you don't need it, simply just don't use it. Keep in mind that "forcing to https" on the other hand, is something that can be toggled on and off.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

drmrbrewer picture drmrbrewer  路  4Comments

rschaerer picture rschaerer  路  4Comments

Briston-KS picture Briston-KS  路  5Comments

icebob picture icebob  路  3Comments

hamza-younas94 picture hamza-younas94  路  4Comments