SSL certificate already expired - cannot login to Admin Portal for MIAB


#1

Hello there!
1st question:

I am probably overlooking something very simple or maybe I need to do something at the terminal level but I am not able to login to the Admin portal in order to manage the SSL certificates.

All my certificates have expired and I need to renew them.

Is there any way to have MIAB default to http thereby allowing me to manage the certs and renew/install them?

2nd question:

One of the SSL cert providers that I was using stopped issuing free certs so I wanted to leverage letsencrypt.

Aside from going to letsencrypt and doing performing the installation with certbot, is there any customized module that manages it for MIAB installations?


#2

Use a different browser (If you are on FF, and the cert expired)

Honestly, IE might work for you. Or manually update certs via ssh?


#3

/etc/nginx/conf.d/local.conf is the nginx config

find box.example.com and disable auto redirect to HTTPS


#4

There is no reason to ever disable HTTPS on the box.


#5

Thank you all for the responses.

I was able to find an hour to finally focus on this - I have a toddler and an 9 month old at home.

Here is the outcome:

  1. Josh is correct, there is no need to disable SSL - Firefox let me continue with the expired cert

  2. my “what’s the easiest way to use let’s encrypt” question was answered for me when I upgraded MIAB - that functionality is built in!

I was able to get new certs for my three domains without any issue!

Thanks again!


#6

@JoshData I was saying to disable because his browser. However in hindsight it would have been better to delete SSL cache in chrome/FF because HSTS.


#7

I have recently upgraded MIAB and letsencrypt still not working. Expired cert since 9/4 and now email since. MIAB working now for a few years without cert issue. Any ideas? Something changed?


#8

If you recently upgraded (to 0.28) Let’s Encrypt changed something on their end which is causing the MiaB install script to skip their request to accept their ToS. Typically rerunning sudo mailinabox will fix this.

You did not provide any error info, so I am grabbing at straws here… if that does not solve your problem, please provide more info.


Cert install is failing letsencrypt. MIAB up to date
Mail In A Box Does Not Renew SSL Certificate
#9

sudo su -
curl -s https://mailinabox.email/setup.sh | sudo bash
cd mailinabox/management/
./ssl_certificates.py
exit
sudo ./ssl_certificates.py
cd
sudo reboot
sudo su -
sudo apt-get update && sudo apt-get upgrade -y
cd mailinabox/management/
sudo ./ssl_certificates.py

Provisioning TLS certificates for box.datamaskinaggie.xyz, datamaskinaggie.xyz, www.datamaskinaggie.xyz, davidwbrown.name, www.davidwbrown.name, mcduffie-brown.name, www.mcduffie-brown.name.

error: box.datamaskinaggie.xyz, datamaskinaggie.xyz, www.datamaskinaggie.xyz, davidwbrown.name, www.davidwbrown.name, mcduffie-brown.name, www.mcduffie-brown.name:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags.


#10

You need to run

sudo mailinabox

and accept the LE ToS


#11

I have not let MIAB go not upgraded or running the curl install for all the years using MIAB. The LE script just blows by, fails and I’m left with the only access is my IP.


#12

So when you do

sudo mailinabox

what is the output?