No internet connection
  1. Home
  2. Issues

Self hosted bug: Auto cert renewal Lua problem (Certbot is fine)

By KajMagnus @KajMagnus2021-06-02 04:27:25.977Z2021-06-07 17:43:35.996Z

For self hosted Talkyard installations installed after 2021-03-20, HTTPS certs don't currently get renewed — they just get automatically generated once. There's some problem with a Lua Nginx LetsEncrypt module Talkyard uses.

So, when there's less than a month left until the cert expires, probably you will need to do this:

sudo -i
cd  /opt/talkyard
docker-compose exec cache redis-cli
127.0.0.1:6379> FLUSHDB  
OK
127.0.0.1:6379>

That removes your HTTPS cert from the Redis cache. (It's currently ok to remove everything from the cache — it's just a cache.) Then, the Lua module won't try to renew a cert, instead it'll create a new one (it thinks), and that works fine.

After you've done that, reload the Talkyard site in a browser, so Nginx gets a HTTPS request. You'll get a cert warning, and 30? seconds later, Nginx and the Lua code should have gotten a new cert from LetsEncrypt.

***

This does not affect sites created before the above date, because as per their installation instructions, they instead use Certbot from LetsEncrypt directly, instead of the Nginx Lua module Talkyard uses.

Reply

Linked from:

  1. support-chat
  2. Talkyard Roadmap 2021
  3. SSL setup - talkyard one auto config not working
  • 0 replies
    ReplyAdd progress note