MeshCentral2 Let's Encrypt cert not created

alesribic

Thanks for your feedback. I have set it to true, restart service and since that time (alomste 4 hours ago) no change. No subfolder no certificate. Is there any log to investigate?

DustinB3403

@alesribic Did you go through the LE Certification request process after making that change?

alesribic

As far as i know, NO. Is there any description how to go thru certification?

DustinB3403

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

As far as i know, NO. Is there any description how to go thru certification?

What guide are you following?

alesribic

Th guide inside this manual.
http://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2UserGuide.pdf

DustinB3403

That guide states that currently MC doesn't support using an LE cert directly with MC, you'd need a reverse proxy.

alesribic

I did not understand it that way. Anyway, what guide should i follow to get LE directly from MC?

DustinB3403

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I did not understand it that way. Anyway, what guide should i follow to get LE directly from MC?

¯\ _ (ツ)_/¯

Not sure I was trying to be helpful with what you were having issues with. Since the source documentation says it's not currently supported I'd look at setting up an reverse proxy for this.

alesribic

In the UserManual section 11 it describes exactly what i need. No traces of reverse proxy.

scottalanmiller

@DustinB3403 said in MeshCentral2 Let's Encrypt cert not created:

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I did not understand it that way. Anyway, what guide should i follow to get LE directly from MC?

¯\ _ (ツ)_/¯

Not sure I was trying to be helpful with what you were having issues with. Since the source documentation says it's not currently supported I'd look at setting up an reverse proxy for this.

Did this change? We didn't need that before.

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

In the UserManual section 11 it describes exactly what i need. No traces of reverse proxy.

Did your test come back successful? Production will only work if the test says it would have first.

DustinB3403

I misread, in the documentation it says this

Note that MeshCentral does not currently support placing a Let’s Encrypt certificate in the
database. Generally, one would use a reverse proxy with Let’s Encrypt support and TLS
offload in the reverse proxy and then run MeshCentral in state-less mode in a Docket
container.

But that LE is actually supported. Ignore me.

alesribic

No, test was also not successful. I was looking for any LOG, but i could not find any

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

No, test was also not successful. I was looking for any LOG, but i could not find any

Ah, okay. Well at least we have a starting point. Does it say anything useful, or just that it fails? The test is basically instant, so no need to wait.

alesribic

Nothing. It is like before i set LE settings. No errors, no signs. Is there any LOG about LE?
I can see meshcentral-events database to grow, but where can i see those events?

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

Nothing. It is like before i set LE settings. No errors, no signs. Is there any LOG about LE?
I can see meshcentral-events database to grow, but where can i see those events?

Pretty sure that messages for that go into your nohup file.

alesribic

no such file in any directory. File "meshcentral-events" is growing with service restart to 350kB, but how to browse it?

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

no such file in any directory. File "meshcentral-events" is growing with service restart to 350kB, but how to browse it?

How are you kicking off the process to run MeshCentral?

alesribic

I have windows installation. If restart is needed, i restart service inside services panel.
This is from event viewer:
Starting C:\Program Files\nodejs\node.exe --harmony "C:\Program Files\Open Source\MeshCentral\node_modules\node-windows\lib\wrapper.js" --file "C:\Program Files\Open Source\MeshCentral\winservice\winservice.js" --log "MeshCentral wrapper" --grow 0.5 --wait 2 --maxrestarts 3 --abortonerror n --stopparentfirst undefined

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I have windows installation. If restart is needed, i restart service inside services panel.
This is from event viewer:
Starting C:\Program Files\nodejs\node.exe --harmony "C:\Program Files\Open Source\MeshCentral\node_modules\node-windows\lib\wrapper.js" --file "C:\Program Files\Open Source\MeshCentral\winservice\winservice.js" --log "MeshCentral wrapper" --grow 0.5 --wait 2 --maxrestarts 3 --abortonerror n --stopparentfirst undefined

OH! I bet it is because it is Windows. Absolutely no idea how that will work on Windows. I don't think that Lets Encrypt's tools will run there. Obviously certs work there, but I bet the lack of tools to call is the issue.