SSL certificate error ERR_CERT_DATE_INVALID
The listed server names already provide valid certificates, signed by Let’Encrypt-signed. Their verification is successful by my side. They were generated on Jun 23. So the error from your client can...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
[root@hur-ns8 admin]# grep -C 5 -R -F 'mattermost.twr.cz' /home/traefik*/.config/state/configs /home/traefik1/.config/state/configs/_default_cert.yml- - nextcloud.twr.cz...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
If system journal wasn’t recently rotated we’d see ACME errors in the journal: journalctl --grep acmeCA As alternative, for older data, let’s ask Loki: logcli query -q --no-labels --limit=1000...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
journalctl --grep acmeCA Jun 26 12:28:54 hur-ns8 traefik[2467]: 2025-06-26T10:28:54Z INF Testing certificate renew... acmeCA=https://acme-v02> Jun 26 12:29:05 hur-ns8 traefik[2467]:...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
So as was already said it seems the mmtest.twr.cz FQDN is causing the problem. How can I remove it manually? It is no more used by any app (was some months ago while testing another mattermost...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
Run this procedure. It will selectively remove certificates for mmtest.twr.cz from Traefik’s acme.json file. Finally Traefik must be fully restarted to pick up the change. runagent -m traefik1 cd acme...
View ArticleClik here to view.
Latest issue with LetsEncrypt
You can try this workaround: SSL certificate error ERR_CERT_DATE_INVALID Support Run this procedure. It will selectively remove certificates for mmtest.twr.cz from Traefik’s acme.json file. Finally...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
Procedure run without errors. By inspecting acme/acme.json there is no more reference to mmtest.twr.cz in it. Subsequently I have tried to remove another no more used certificate, which was (opposite...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
Timeout error does not help. Any acmeCA error message from logs?
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
no, I dont see any new errors in logs since
View ArticleClik here to view.
SSL certificate error ERR_CERT_DATE_INVALID
daz: ['hur.twr.cz', 'nextcloud.twr.cz', 'nvcti.twr.cz', 'nvproxy.twr.cz', 'collabora.twr.cz', 'mattermost.twr.cz', 'intra.twr.cz', 'sogo.twr.cz', 'tel.twr.cz', 'nethvoice.twr.cz'] This list of names...
View ArticleNextCloud won't talk to mail
It is interesting that I have landed on this thread with the exact same problem listed by Tony on Feb 11. I am using nextcloud 1.5. Followed all the steps listed here — to no avail. It has stopped me...
View ArticleNextCloud won't talk to mail
AFAIK Nextcloud can send notifications via Mail app as documented in Email notifications — NS8 documentation. See Use Mail app instance option. Feel free to open a new Support topic to get help.
View ArticleNextCloud won't talk to mail
Thanks for the reply, but I believe that I have not explained myself clearly. It is not email notifications that I am having issue with, it is setting my personal email within the nextcloud mail app....
View ArticleClik here to view.
External backup Nethserver 8
mrmarkuz: urrently only 1 “local disk” backup destination is allowed per NS8 node. Hello Markus, thank you for your message…
View ArticleClik here to view.
NextCloud won't talk to mail
I retested it on a VM and I needed to allow local access to remote servers in Nextcloud to make it work. runagent -m nextcloud1 occ config:system:set --value true allow_local_remote_servers kisaacs:...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
Thanks, the manual deletion worked well. So if I understand well, when in settings of these web applications (mattermost, collabora, nextcloud…) the Lets Encrypt switch is on, I should not request...
View ArticleClik here to view.
NextCloud won't talk to mail
Already did the “runagent” command and listed the occ settings to make sure. Am trying the Netserver node IP now.
View ArticleNextCloud won't talk to mail
[root@mail2 ~]# runagent -m nextcloud2 runagent: [INFO] starting bash -l runagent: [INFO] working directory: /home/nextcloud2/.config/state [nextcloud2@mail2 state]$ ping mail2.dmginc.com PING...
View ArticleNextCloud won't talk to mail
Security needs to be set to “none” for both IMAP and SMTP, see Mail app in Nextcloud not working with NS8 mail server - #5 by mrmarkuz
View ArticleNextCloud won't talk to mail
Bingo! I thought that I tried that already. I guess that I hadn’t. Thanks so much Markus. It’s working. Now on to the rest of my testing
View ArticleClik here to view.
All certificates are expired or expiring - nothing renewing
NethServer Version: NS8 up to date Module: traefik1 v3.2; core 3.9 This afternoon my wife, daughter and I have noticed that we can’t reach Nextcloud or mail (neither webmail/roundcube or NS8 mail)....
View ArticleClik here to view.
SSL certificate error ERR_CERT_DATE_INVALID
Great, that’s good news. daz: So if I understand well, when in settings of these web applications (mattermost, collabora, nextcloud…) the Lets Encrypt switch is on, I should not request their FQDN...
View ArticleClik here to view.
All certificates are expired or expiring - nothing renewing
You may need to manually delete the certs from the traefik config to make the renewal work again. SSL certificate error ERR_CERT_DATE_INVALID Support This list of names is very long. Apart from...
View ArticleAll certificates are expired or expiring - nothing renewing
Hi @mrmarkuz So if I go and manually delete all the certificates from Traefik’s configuration, does the GUI know and update the missing certificates that are in the GUI? I think I’ll look to make a...
View ArticleClik here to view.
All certificates are expired or expiring - nothing renewing
About 2 months ago I posted about not being able to delete a certificate for a domain that was created in error. I could never get that certificate to delete. So now I see from the error messages that...
View ArticleAll certificates are expired or expiring - nothing renewing
Grrr. Added the “sync_timeout”:“60” but no joy # api-cli run module/traefik1/delete-certificate --data '{"fqdn":"intranet.domain.tld","type":"internal","sync_timeout":60}' <3>Timeout after about...
View ArticleMeshCentral 1.1
Is it possible to restart the app to reload a customized config.json without getting the config.json beeing regenerated? I´ve added some changes to the config.json but when trying to restart the...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
But will it work so even if some of these apps (eg. nextcloud in my case) are intended just for intranet use and their respective http routes access is limited to local network?
View ArticleMeshCentral 1.1
The config.json was removed at restart to be able to change the configuration. If the config.json exists it isn’t changed/updated anymore. I updated meshcentral-light to not remove the config.json so...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
Yes, limiting the access in http routes should have no impact on obtaining certificates.
View ArticleAll certificates are expired or expiring - nothing renewing
Does it help to remove the wrong domain from configs/_default_cert.yml ?
View ArticleOnlyoffice 9.0.2.1
The new Onlyoffice release 9.0.2 fixes some bugs, see DocumentServer/CHANGELOG.md at master · ONLYOFFICE/DocumentServer · GitHub I hope this is the last testing version before release. Fresh...
View ArticleFeature Request: Public APIs for Third-Party Integrations and Mobile Apps
The Software Center on mobile screen looks great. I just found this one about the join code: github.com/NethServer/ns8-core core/ui/src/views/Nodes.vue f2c7f97af return; } },...
View ArticleClik here to view.
SSL certificate error ERR_CERT_DATE_INVALID
daz: when in settings of these web applications (mattermost, collabora, nextcloud…) the Lets Encrypt switch is on, I should not request their FQDN certificate in Traefik I want just add that we...
View ArticleSSL certificate error ERR_CERT_DATE_INVALID
I think I could reproduce the issue: Request LE certs one.example.com, two.example.com and three.example.com Create host http routes using the same domains for the LE certs. As I used a wildcard DNS I...
View ArticleAll certificates are expired or expiring - nothing renewing
Hi @mrmarkuz Thank you for the suggestion. I removed the wrong domain from configs/_default_cert.yml # runagent -m traefik1 $ cd configs/ $ vim _default_cert.yml (deleted the wrong domain) $ cd .. $...
View ArticleAll certificates are expired or expiring - nothing renewing
No acme errors in the journalctl anymore. I’m crossing my fingers that this has fixed the issue. I think the certificates are updating but I’m not sure. Next, I need to figure out how to check the...
View ArticleClik here to view.
All certificates are expired or expiring - nothing renewing
You could use your browser or curl to check certs and dates: SSL certificate error ERR_CERT_DATE_INVALID Support It can be an expired certificate? You can inspect the certificate expiration dates with...
View ArticleAll certificates are expired or expiring - nothing renewing
Thank you, I’ll try that. Is there documentation on the correct structure for certificates with Traefik? From the earlier post, I believe that main should be domain.tld and not webmail.domain.tld?...
View ArticleAll certificates are expired or expiring - nothing renewing
No, that’s ok. The cert that was issued first (webmail in your case) is main. The others are sans.
View ArticleAll certificates are expired or expiring - nothing renewing
OK, thank you for the clarification. Again, @mrmarkuz thanks for your help.
View ArticleNS8 Samba file access logging
It was released about two weeks ago with Samba 3. More information here Samba file server — NS8 documentation
View ArticleMeshCentral 1.1
Yes, with the update the config.json doesn´t get overwritten by an restart. This is a win, but it seem´s i made some mistakes in the night and wrongly got to the assumtion, you could reach the LDAP...
View ArticleOnlyoffice 9.0.2.1
I think you can release it I have tested it extensively and found no problems. The corresponding system log looks clear here.
View ArticleMeshCentral 1.1
Thanks for testing. Sorry, LDAP isn’t implemented but I’ll try to add that feature asap. To reach the samba DC you could use the VPN IP or the node IP. To test the ldap connection by using curl inside...
View Article