Anonymous | Login | 2024-11-21 03:01 MST |
Main | My View | View Issues | Change Log | Roadmap | Repositories |
View Revisions: Issue #22551 | [ All Revisions ] [ Back to Issue ] | ||
Summary | 0022551: Hook to renew Let's Encrypt certificates not working | ||
Revision | 2018-12-12 09:18 by NickH | ||
Description | It looks like clearglass-community initialises itself taking a snapshot of the current Let's Encrypt certificate and key and places them in /var/lib/clearglass/config/ssl/certs. Unfortunately, when Let's Encrypt renews its certificates the new ones are not picked up by clearglass-community and the certificates eventually expire. I did try configuring /var/lib/clearglass/config/ssl/nginx_certs.conf with paths to the Let's Ecrypt live certificates, but nginx cannot read them (chrooted environment or not able to follow symlinks possibly). I've found a hook: /var/clearos/certificate_manager/state/clearglass.conf but it does not look like it is working. |
||
Revision | 2018-12-12 07:02 by NickH | ||
Description | It looks like clearglass-community initialises itself taking a snapshot of the current Let's Encrypt certificate and key and places them in /var/lib/clearglass/config/ssl/certs. Unfortunately, when Let's Encrypt renews its certificates the new ones are not picked up by clearglass-community and the certificates eventually expire. A hook is needed for when the certificates are renewed, when the new certificates need to be copied to /var/lib/clearglass/config/ssl/certs and, presumably, the docker/nginx container needs restarting. I did try configuring /var/lib/clearglass/config/ssl/nginx_certs.conf with paths to the Let's Ecrypt live certificates, but nginx cannot read them (chrooted environment or not able to follow symlinks possibly). |