MeshCentral2 Let's Encrypt cert not created

alesribic

Having windows installation ver.0.4.1-r from today. I went thru manuals for SSL Let's Encrypt. I attached config.json. So LetsEncrypt subfolder is not created even 1 day waiting.

This is my config.json

{
"settings": {
"cert": "MyDomain",
"wanonly": true,
"_minify": true,
"letsencrypt": {
"email": "MyEmail",
"names": "MyDomain",
"rsaKeySize": 3072,
"production": false
},
"webrtc": true,
"allowhighqualitydesktop": true },
"domains": {
"": {
"title": "RDP support"
}
}
}

scottalanmiller

YOu have Production set to False. That field is specifically to stop the LE Cert from actually getting created. Change that to True and it should work fine.

alesribic

Thanks for your feedback. I have set it to true, restart service and since that time (alomste 4 hours ago) no change. No subfolder no certificate. Is there any log to investigate?

DustinB3403

@alesribic Did you go through the LE Certification request process after making that change?

alesribic

As far as i know, NO. Is there any description how to go thru certification?

DustinB3403

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

As far as i know, NO. Is there any description how to go thru certification?

What guide are you following?

alesribic

Th guide inside this manual.
http://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2UserGuide.pdf

DustinB3403

That guide states that currently MC doesn't support using an LE cert directly with MC, you'd need a reverse proxy.

alesribic

I did not understand it that way. Anyway, what guide should i follow to get LE directly from MC?

DustinB3403

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I did not understand it that way. Anyway, what guide should i follow to get LE directly from MC?

¯\ _ (ツ)_/¯

Not sure I was trying to be helpful with what you were having issues with. Since the source documentation says it's not currently supported I'd look at setting up an reverse proxy for this.

alesribic

In the UserManual section 11 it describes exactly what i need. No traces of reverse proxy.

scottalanmiller

@DustinB3403 said in MeshCentral2 Let's Encrypt cert not created:

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

I did not understand it that way. Anyway, what guide should i follow to get LE directly from MC?

¯\ _ (ツ)_/¯

Not sure I was trying to be helpful with what you were having issues with. Since the source documentation says it's not currently supported I'd look at setting up an reverse proxy for this.

Did this change? We didn't need that before.

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

In the UserManual section 11 it describes exactly what i need. No traces of reverse proxy.

Did your test come back successful? Production will only work if the test says it would have first.

DustinB3403

I misread, in the documentation it says this

Note that MeshCentral does not currently support placing a Let’s Encrypt certificate in the
database. Generally, one would use a reverse proxy with Let’s Encrypt support and TLS
offload in the reverse proxy and then run MeshCentral in state-less mode in a Docket
container.

But that LE is actually supported. Ignore me.

alesribic

No, test was also not successful. I was looking for any LOG, but i could not find any

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

No, test was also not successful. I was looking for any LOG, but i could not find any

Ah, okay. Well at least we have a starting point. Does it say anything useful, or just that it fails? The test is basically instant, so no need to wait.

alesribic

Nothing. It is like before i set LE settings. No errors, no signs. Is there any LOG about LE?
I can see meshcentral-events database to grow, but where can i see those events?

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

Nothing. It is like before i set LE settings. No errors, no signs. Is there any LOG about LE?
I can see meshcentral-events database to grow, but where can i see those events?

Pretty sure that messages for that go into your nohup file.

alesribic

no such file in any directory. File "meshcentral-events" is growing with service restart to 350kB, but how to browse it?

scottalanmiller

@alesribic said in MeshCentral2 Let's Encrypt cert not created:

no such file in any directory. File "meshcentral-events" is growing with service restart to 350kB, but how to browse it?

How are you kicking off the process to run MeshCentral?