I’m running CyberPanel 2.0 Build 3 with OpenLiteSpeed serving multiple sites.
First question: why are there two SSL renewal mechanisms? In root’s crontab, we see:
- “/root/.acme.sh”/acme.sh runs at 12:07am to renew certs that are 60 days old.
- /usr/local/CyberCP/plogical/renew.py runs at 2am to renew certs that expire in 15 days.
Second question: where are the hooks to restart OpenLiteSpeed after acme.sh renews a cert? I had a couple sites fail renewal on the first try but the certs were issued on subsequent attempts. However, OpenLiteSpeed is still serving the old certs, which will expire soon.
Each site has a .conf file e.g. /root/.acme.sh/mydomain.com/mydomain.com.conf. In all of them, the ReloadCmd is empty:
Le_ReloadCmd=’’
I believe the crontab could use a --reloadcmd parameter, but it does not.
I know I can run “lswsctrl restart” manually, but isn’t it supposed to happen automatically when one or more certs renew?
Thanks,
Mark Berry