NetTalk Central

Author Topic: LetsEncrypt Certificate Renewal  (Read 2751 times)

GordonF

  • Jr. Member
  • **
  • Posts: 88
    • View Profile
LetsEncrypt Certificate Renewal
« on: June 15, 2021, 03:59:48 AM »
My first few sites to use my webserver application went live mid May and I have a question about LetsEncrypt.

Am I correct in thinking a webserver app will auto renew the LetsEncrypt certificate so long as port 80 and port 443 are open or do I need to include code to renew periodically?

Also if it is automatic how frequently or how long before it expires does it get renewed?

Does it make any difference if the webserver is running as a service?

Any clarification will be appreciated.

Gordon

DonRidley

  • Don Ridley
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 729
  • donaldridley2011@gmail.com
    • View Profile
    • Email
Re: LetsEncrypt Certificate Renewal
« Reply #1 on: June 16, 2021, 02:18:21 AM »
https://www.capesoft.com/docs/NetTalk12/NetTalkWebSecure.htm#LetsEncrypt

Automatically 30 days before expiration.

No special code needed.

Ports 80 and 443. 
"Eliminate the impossible, whatever remains, however unlikely, must be the truth."

NetTalk 12.55
Clarion 11

GordonF

  • Jr. Member
  • **
  • Posts: 88
    • View Profile
Re: LetsEncrypt Certificate Renewal
« Reply #2 on: June 16, 2021, 03:22:59 AM »
Thank you for replying, I'll watch the first few to ensure they renew but it's good to know it is automatic.

osquiabro

  • Hero Member
  • *****
  • Posts: 664
    • View Profile
    • Email
Re: LetsEncrypt Certificate Renewal
« Reply #3 on: June 16, 2021, 04:14:54 AM »
DonRidley, my certificate don't renew automatic when run as service, my service have a local account with administrator privileges, does need any special setting?

Richard I

  • Sr. Member
  • ****
  • Posts: 373
    • View Profile
    • Email
Re: LetsEncrypt Certificate Renewal
« Reply #4 on: June 17, 2021, 01:16:06 AM »
Yes,  I too would appreciate knowing whether certificates are or can be updated if the app is running as a service.
Thanks
Richard

DonnEdwards

  • Jr. Member
  • **
  • Posts: 56
    • View Profile
    • Insights and Rants
    • Email
Re: LetsEncrypt Certificate Renewal
« Reply #5 on: June 17, 2021, 11:54:27 AM »
The certificates update every 30 days if you are running the NT Server app as an application. I ran the server app for 5 months with no need to manually update the certificates.

I changed the properties of the .exe to run only one copy, and then created a scheduled task than ran on login (that was set to automatic using netplwiz) as well as every 30 minutes. Just make sure that you set it to not run if an instance is already running. As long as the app doesn't generate any GPF messages, you should be fine, even when Windows Update requires a reboot.
If you're happy with your security, then so are the bad guys

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11158
    • View Profile
Re: LetsEncrypt Certificate Renewal
« Reply #6 on: June 18, 2021, 05:54:06 AM »
>> Yes,  I too would appreciate knowing whether certificates are or can be updated if the app is running as a service.

should work as a service, yes.

Cheers
Bruce

osquiabro

  • Hero Member
  • *****
  • Posts: 664
    • View Profile
    • Email
Re: LetsEncrypt Certificate Renewal
« Reply #7 on: June 18, 2021, 05:58:03 AM »
Bruce, my certificate don't renew automatic when run as service, my service have a local account with administrator privileges, does need any special setting?

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11158
    • View Profile
Re: LetsEncrypt Certificate Renewal
« Reply #8 on: June 18, 2021, 06:01:39 AM »
no, I don't think it needs any special setting.
I'll try it here to see if it works as a service, but I've not had any reports of it not working as a service so far.

osquiabro

  • Hero Member
  • *****
  • Posts: 664
    • View Profile
    • Email
Re: LetsEncrypt Certificate Renewal
« Reply #9 on: June 19, 2021, 04:47:26 AM »
I am reporting it, I have two clients that the renewal as a service has never worked, I have to renew it without the service

osquiabro

  • Hero Member
  • *****
  • Posts: 664
    • View Profile
    • Email
Re: LetsEncrypt Certificate Renewal
« Reply #10 on: July 26, 2021, 04:24:56 AM »
well today a problem occurred when running as a service the certificate is not renewed, I just renew without as a service, any ideas to solve this problem, my service was created as administrator and has its own account as administrator

GordonF

  • Jr. Member
  • **
  • Posts: 88
    • View Profile
Re: LetsEncrypt Certificate Renewal
« Reply #11 on: December 16, 2021, 06:35:29 AM »
Hi,

Was this clarified can a webserver run as a service and renew the certificate, I'd like to run my webserver as a service on client machines.

Best Regards
Gordon
« Last Edit: December 16, 2021, 07:07:21 AM by GordonF »