Can't get new SSL certificate

avanty42 · 14 January 2025 11:49

Problem Description

I’ve been getting emails with the following:
run-parts: /etc/cron.daily/sympl-ssl exited with return code 1

sympl-ssl can’t get a new certificate for the server.shilka.uk domain. It’s been working for some time, but for some reason has stopped working.

How do I resolve this?

Any Error Messages

Output from sympl-ssl --verbose server.shilka.uk

* Examining certificates for server.shilka.uk
        SSL set 1: Not valid for server.shilka.uk -- certificate has expired (10)
        SSL set 2: Not valid for server.shilka.uk -- certificate has expired (10)
        SSL set 3: Not valid for server.shilka.uk -- certificate has expired (10)
        SSL set 4: Not valid for server.shilka.uk -- certificate has expired (10)
        SSL set 5: Not valid for server.shilka.uk -- certificate has expired (10)
        SSL set 6: Not valid for server.shilka.uk -- certificate has expired (10)
        SSL set 7: Not valid for server.shilka.uk -- certificate has expired (10)
        Current SSL set 8: signed by /C=US/O=Let's Encrypt/CN=R11, expires 2025-02-11 05:27:08 UTC
        The current certificate expires in 28 days.
        Fetching a new certificate from LetsEncrypt.
        Requesting verification for server.shilka.uk from https://acme-v02.api.letsencrypt.org/directory
        Successfully verified server.shilka.uk
        !! Failed: Invalid identifiers requested :: Cannot issue for "server": Domain name needs at least one dot

Environment

Sympl Version: 12
Debian Version: 12.9
Hardware Type: Intel Xeon E3-1275v5
Hosted With: Hetzner

Kelduum · 14 January 2025 21:46

It sounds like you might have a symlink in /srv pointing to server.shilka.uk or the other way around.

This shouldn’t be valid, and Sympl should ignore it but it seems like it’s not doing so in this case.

Check what domains are being configured for sites, and you should be able to identify the problem.

avanty42 · 15 January 2025 11:45

Yes, I had a symlink at /srv/server pointing to /srv/server.shilka.uk

I deleted that symlink and now it’s working.

Thanks!

system · 25 January 2025 11:46

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.