This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Dehydrated trying to renew certs every minute

Hi,

I'm running 9.700-5 firmware and i'm not sure if this was happening on thre previous firmware.

Basically system.log is spammed by dehydrated trying to renew the cert every minute

utm:/home/login # cat /var/log/system.log | grep "(dehydrated)"
2019:11:03-00:01:01 utm /usr/sbin/cron[12618]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:11:03-00:02:01 utm /usr/sbin/cron[12975]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
Etc. 2019:11:03-02:58:01 utm /usr/sbin/cron[5896]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null) 2019:11:03-02:59:01 utm /usr/sbin/cron[6171]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)

From what i can see in crontab it's suppose to be running once a day: (both /etc/crontab and /etc/crontab.letsenecrypt-renewal has the same entry)

# Check CSRs for renewal
31 1 * * * dehydrated /var/chroot-reverseproxy/usr/dehydrated/bin/check_renewal.pl -s > /dev/null

Is this normal?

This thread was automatically locked due to age.

Parents

0 Jaydeep over 5 years ago

Hi stn

Would you please post logs from let's encrypt from /var/log/letsencrypt.log in Sophos UTM?

Regards

Jaydeep
Cancel
Vote Up 0 Vote Down

Cancel
0 stn over 5 years ago in reply to Jaydeep

Just checked the previous logs to see when this started to happen. It seems it's happening since i've installed Sophos UTM:

2019:06:06-19:07:01 utm /usr/sbin/cron[11277]: (httpproxy) CMD (/var/chroot-http/usr/bin/virus_sample_uploader -p /var/chroot-http)
2019:06:06-19:07:01 utm /usr/sbin/cron[11278]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:08:01 utm /usr/sbin/cron[11546]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:09:01 utm /usr/sbin/cron[11790]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:10:01 utm /usr/sbin/cron[12042]: (root) CMD (/var/mdw/scripts/pmx-blocklist-update)
2019:06:06-19:10:01 utm /usr/sbin/cron[12043]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:10:01 utm /usr/sbin/cron[12044]: (root) CMD ( /usr/local/bin/reporter/system-reporter.pl)
2019:06:06-19:11:02 utm /usr/sbin/cron[12313]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:12:01 utm /usr/sbin/cron[12616]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:12:01 utm /usr/sbin/cron[12617]: (httpproxy) CMD (/var/chroot-http/usr/bin/virus_feedback_uploader)
2019:06:06-19:13:01 utm /usr/sbin/cron[12961]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:14:01 utm /usr/sbin/cron[13191]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
2019:06:06-19:15:01 utm /usr/sbin/cron[13603]: (root) CMD ( /usr/local/bin/reporter/system-reporter.pl)
2019:06:06-19:15:01 utm /usr/sbin/cron[13604]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)
Cancel
Vote Up 0 Vote Down

Cancel
0 Jaydeep over 5 years ago in reply to stn

Hi stn

Would you please provide me the ticket number in a DM once you've created a ticket?

There seems to be an issue with Dehydrated service in this case. I found another forum with similar issue but there was no conclusion in that.

Regards

Jaydeep
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Jaydeep over 5 years ago in reply to stn

Hi stn

Would you please provide me the ticket number in a DM once you've created a ticket?

There seems to be an issue with Dehydrated service in this case. I found another forum with similar issue but there was no conclusion in that.

Regards

Jaydeep
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data