SYSTEM INFORMATION | |
---|---|
OS type and version | CentOS 7 |
Webmin version | 2.111 |
Virtualmin version | 7.10.0 |
Hi All,
As a suggestion for @Jamie, Virtualmin does auto renew domain-ssl certificates as by design and expectation, however i have two customers who refuse to clean their inboxes and as a result they have run out of free space. Knowing they refuse to clean up / upgrade. I left it that.
Now Virtualmin does try to refresh their certificates, resulting in a successful request, though then being unable to write the certificates in the correct locations, as a result it tries the renew over and over, the request succeeds, though the install fails.
result then observed: after a couple of days Letsencrypt denies the host to request more certs ( for working and valid hosts ) as too many have been provided in the last 168 hours already.
Suggestion:
-
Do not renew certs for hosts that are at / over quota until their quota is cleaned up.
Seems to be the cleanest option. -
Do the renewal request though hold them in a staged location?
Seems like this could become messy rather fast tracking vallid / what is installed or reqeusted and on hold. -
Write the certs out as a user with higher permissions and ignore the quota?
Seems to be a potential path for abuse, there are reasons to have a quota and not ignore that by force.
Not sure what would be the best option, though as it is the behavior affects other domains that are unrelated.
Steven