Stop it: "Let's Encrypt certificate renewal failed!"

Hello. One of my sites is blocked by the authorities. Now I receive messages every hour from webmin saying that it cannot automatically renew the SSL. In the SSL certificate settings, I deleted the certificates for this domain, but notifications are still sent to email. How to stop this?

Operating system Debian Linux 10.13
Webmin version 2.105
Usermin version 2.005
Virtualmin version 7.8.2

there is a setting not to automatically renew

image1328×652 44.2 KB

It’s clear. But these options are valid when creating certificates. What to do when certificates have already been created previously? In my case, what should I do?

If this didn’t stop the requests then there is maybe a deficiency in the webmin code?

Yeah, I seem to recall there was a bug that lead to renewals continuing even after removal. I think it’s been fixed in an upcoming release.

If you search the forum, you may find a patch or explanation of how to workaround it.

The problem is that it’s very difficult for me to do this because I don’t know English…

Please let me know when the update is ready because the inbox is getting full…

Just a thought:

Try setting a self-signed certificate and then disable the server, give it 5 minutes for any cron jobs to run and then re-enable the virtual server.

Are these links any good

• Let's Encrypt trying to renew deleted domains · Issue #185 · virtualmin/virtualmin-gpl · GitHub
  • Deleted virtual host still in LE renewal logs
  • LE (still) not renewing automatically in Webmin
• Let's Encrypt automatic renewal: Uses shared certificate instead · Issue #674 · virtualmin/virtualmin-gpl · GitHub
  Looks like it’s possible for LE auto-renew to still happen when the cert is shared with another domain … I’ll fix that.

Although I deleted the certificates by pressing a button, they were not actually deleted. It’s just that the button with the inscription has become a different color, and the inscription is different. I manually deleted the certificates, and following your advice, I disabled the virtual server, and later enabled it again. Now it doesn’t send notifications. But I doubt that I did it correctly.

Is there a need for Certbot to run every hour? Once a day would be enough perhaps?

It normally runs once every two months.

It’s repeating because it failed. The bug (which I’m pretty sure is fixed in the next version) is that a removed or disabled domain shouldn’t try to renew at all.

After manually deleting the certificates, Apache stopped starting… I had to restore the files… Notifications started pouring in again… How to get rid of this?

The self-signed certificate is not generated because the domain is not validated

Yeah, that’s not a good idea. Deleting the certificate is at the wrong side of the problem. The problem is the automatic renewal scheduled job.

I would assume that’s a Webmin Scheduled Job, but I can’t see one on my systems. I’ll have to ask @Jamie .

You should be able to turn off automatic renewals by changing “Automatically renew certificate” to “No”, and clicking “Only Update Renewal”.

Also, is this domain disabled in Virtualmin, or just blocked externally somehow?

I did it through the last tab. It went without errors. I hope the bombing will stop now.

Blocked from outside.

Thanks for the advice. May God bless you

Yes, the problem is solved. thanks for the advice

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.