MeshCentral2 Let's Encrypt cert not created

scottalanmiller

@DustinB3403 said in MeshCentral2 Let's Encrypt cert not created:

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I did not understand it that way. Anyway, what guide should i follow to get LE directly from MC?

¯\ _ (ツ)_/¯

Not sure I was trying to be helpful with what you were having issues with. Since the source documentation says it's not currently supported I'd look at setting up an reverse proxy for this.

Did this change? We didn't need that before.

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

In the UserManual section 11 it describes exactly what i need. No traces of reverse proxy.

Did your test come back successful? Production will only work if the test says it would have first.

DustinB3403

I misread, in the documentation it says this

Note that MeshCentral does not currently support placing a Let’s Encrypt certificate in the
database. Generally, one would use a reverse proxy with Let’s Encrypt support and TLS
offload in the reverse proxy and then run MeshCentral in state-less mode in a Docket
container.

But that LE is actually supported. Ignore me.

alesribic

No, test was also not successful. I was looking for any LOG, but i could not find any

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

No, test was also not successful. I was looking for any LOG, but i could not find any

Ah, okay. Well at least we have a starting point. Does it say anything useful, or just that it fails? The test is basically instant, so no need to wait.

alesribic

Nothing. It is like before i set LE settings. No errors, no signs. Is there any LOG about LE?
I can see meshcentral-events database to grow, but where can i see those events?

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

Nothing. It is like before i set LE settings. No errors, no signs. Is there any LOG about LE?
I can see meshcentral-events database to grow, but where can i see those events?

Pretty sure that messages for that go into your nohup file.

alesribic

no such file in any directory. File "meshcentral-events" is growing with service restart to 350kB, but how to browse it?

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

no such file in any directory. File "meshcentral-events" is growing with service restart to 350kB, but how to browse it?

How are you kicking off the process to run MeshCentral?

alesribic

I have windows installation. If restart is needed, i restart service inside services panel.
This is from event viewer:
Starting C:\Program Files\nodejs\node.exe --harmony "C:\Program Files\Open Source\MeshCentral\node_modules\node-windows\lib\wrapper.js" --file "C:\Program Files\Open Source\MeshCentral\winservice\winservice.js" --log "MeshCentral wrapper" --grow 0.5 --wait 2 --maxrestarts 3 --abortonerror n --stopparentfirst undefined

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I have windows installation. If restart is needed, i restart service inside services panel.
This is from event viewer:
Starting C:\Program Files\nodejs\node.exe --harmony "C:\Program Files\Open Source\MeshCentral\node_modules\node-windows\lib\wrapper.js" --file "C:\Program Files\Open Source\MeshCentral\winservice\winservice.js" --log "MeshCentral wrapper" --grow 0.5 --wait 2 --maxrestarts 3 --abortonerror n --stopparentfirst undefined

OH! I bet it is because it is Windows. Absolutely no idea how that will work on Windows. I don't think that Lets Encrypt's tools will run there. Obviously certs work there, but I bet the lack of tools to call is the issue.

alesribic

I think the same. But now i try to open DB file with events. Im looking for DB password to open database.

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I think the same. But now i try to open DB file with events. Im looking for DB password to open database.

No DB password on a default install. Nor on a recommended install.

JaredBusch

@scottalanmiller said in MeshCentral2 Let's Encrypt cert not created:

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I have windows installation. If restart is needed, i restart service inside services panel.
This is from event viewer:
Starting C:\Program Files\nodejs\node.exe --harmony "C:\Program Files\Open Source\MeshCentral\node_modules\node-windows\lib\wrapper.js" --file "C:\Program Files\Open Source\MeshCentral\winservice\winservice.js" --log "MeshCentral wrapper" --grow 0.5 --wait 2 --maxrestarts 3 --abortonerror n --stopparentfirst undefined

OH! I bet it is because it is Windows. Absolutely no idea how that will work on Windows. I don't think that Lets Encrypt's tools will run there. Obviously certs work there, but I bet the lack of tools to call is the issue.

LE can certainly be ran on Windows. It simply depends on the webserver to answer.

MeshCentral is big on running on Windows, it is stupid, yes, but still what they do. I know the LE design is meant to work on Windows, but I have never looked into it.

alesribic

i notice that meshcentral-events.db starts from scratch everytime service runs. But i can not find a way to browse this events database.

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

i notice that meshcentral-events.db starts from scratch everytime service runs. But i can not find a way to browse this events database.

This suggests that maybe you don't have write access to the database with the user that you are kicking off MC with.

What DB are you using? The default or MongoDB?