Hi!

Our mailcow web-frontend is not reachable anymore. The certificate expired. Checking the acme logs, I saw that we have domains in there that don’t belong to us anymore. So I think it’s canceling the whole process and so won’t renew the mailcow hostname.

I set AUTODISCOVER_SAN=n to avoid the error, forced a renewal and following the acme log it seems to work:

acme-mailcow-1  | Sun Jul 14 17:07:19 CEST 2024 - Certificate /var/lib/acme/***/cert.pem doesn't exist yet or forced renewal - start obtaining
acme-mailcow-1  | Sun Jul 14 17:07:19 CEST 2024 - Creating backups in /var/lib/acme/backups/***/2024-07-14_17_07_19 ...
acme-mailcow-1  | Sun Jul 14 17:07:19 CEST 2024 - Checking resolver...
acme-mailcow-1  | Sun Jul 14 17:07:19 CEST 2024 - Resolver OK
acme-mailcow-1  | Sun Jul 14 17:07:19 CEST 2024 - Using command acme-tiny   --account-key /var/lib/acme/acme/account.pem --disable-check --csr /var/lib/acme/***/acme.csr --acme-dir /var/www/acme/
acme-mailcow-1  | Parsing account key...
acme-mailcow-1  | Parsing CSR...
acme-mailcow-1  | Found domains: ***
acme-mailcow-1  | Getting directory...
acme-mailcow-1  | Directory found!
acme-mailcow-1  | Registering account...
acme-mailcow-1  | Already registered! Account ID: https://acme-v02.api.letsencrypt.org/acme/acct/465081000
acme-mailcow-1  | Creating new order...
acme-mailcow-1  | Order created!
acme-mailcow-1  | Already verified: ***, skipping...
acme-mailcow-1  | Signing certificate...
acme-mailcow-1  | Certificate signed!
acme-mailcow-1  | Sun Jul 14 17:07:26 CEST 2024 - Deploying certificate /var/lib/acme/***/cert.pem...

But the browser still reports an expired certificate.

  • Mailcow is the newest version (updated a few days ago)
  • Docker Compose version v2.23.3
  • Ubuntu 20.04.6 LTS on a bare metal server

I’m lost for now. Without access to the web-frontend I can’t remove the failing domains. In the doc I didn’t find any way to do this via command line.
And it is strange that acme reports the certificate as installed, but obviously it’s deploying the wrong one.

Any help is appreciated.

    • Best Answer set by g4rf

    Problem solved itself overnight. Today the frontend is again accessible and I deactivated the domains that don’t belong to us anymore. So it’s not a problem of renewing the certificate but somehow installing/deploying the renewed one. But I have no clue, why this happened and how it solved itself.

    esackbauer How can this happen?

    This happens in voluntary environments, when the domain administration and the mail administration are not monitored by the same person and/or more than one person is doing it. It happened for the first time. Now we are aware of this problem and will avoid it in the future.
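
Added example, not part of the original thread and not mailcow code: a read-only check for the symptom described above, where the acme log reports a deployed certificate but clients still see the old one. It compares the fingerprint of the PEM file on disk with what each TLS port actually presents; the port list and the leaf-certificate-first layout of the file are assumptions.

```python
#!/usr/bin/env python3
"""Compare the certificate on disk with the one each TLS port actually serves."""
import hashlib
import socket
import ssl
import sys

# Assumption: implicit-TLS ports a mail host typically exposes (HTTPS, SMTPS, IMAPS).
PORTS = (443, 465, 993)
BEGIN, END = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"


def disk_fingerprint(pem_text: str) -> str:
    """SHA-256 of the first certificate in a PEM file (assumed to be the leaf)."""
    start = pem_text.index(BEGIN)
    end = pem_text.index(END, start) + len(END)
    der = ssl.PEM_cert_to_DER_cert(pem_text[start:end])
    return hashlib.sha256(der).hexdigest()


def served_fingerprint(host: str, port: int, timeout: float = 5.0) -> str:
    """SHA-256 of the leaf certificate presented on host:port."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # inspection only: an expired or mismatched
    ctx.verify_mode = ssl.CERT_NONE  # certificate must still be retrievable
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return hashlib.sha256(tls.getpeercert(binary_form=True)).hexdigest()


def stale_ports(disk_fp: str, served: dict) -> list:
    """Ports whose served certificate differs from the one on disk."""
    return sorted(port for port, fp in served.items() if fp != disk_fp)


if __name__ == "__main__":
    pem_path, host = sys.argv[1], sys.argv[2]  # path to cert.pem, mail hostname
    with open(pem_path) as fh:
        on_disk = disk_fingerprint(fh.read())
    served = {}
    for port in PORTS:
        try:
            served[port] = served_fingerprint(host, port)
        except OSError as exc:  # closed port, timeout or TLS failure
            print(f"{port}: unreachable ({exc})")
    stale = stale_ports(on_disk, served)
    print("stale ports:", stale or "none, every reachable port serves the file on disk")
    sys.exit(1 if stale else 0)
```

A non-empty result means the renewal succeeded but a service is still holding the previous certificate in memory, which separates a deployment problem from an issuance problem.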
