Hello, I have received an urgent email from let’s encrypt:
Hello,
Please immediately renew your TLS certificate(s) that were issued from
Let’s Encrypt using the TLS-ALPN-01 validation method and the following
ACME registration (account) ID(s):
XXXXXXXXX
We’ve determined that an error made it possible for TLS-ALPN-01
challenges, completed before today, to not comply with certificate
issuance requirements. We have remediated this problem and will revoke
all unexpired certificates that used this validation method at 16:00 UTC
on 28 January 2022. Please renew your certificates now to ensure an
uninterrupted experience for your site visitors.
We apologize for any inconvenience this may cause. If you need support
in the renewal process, please comment on our forum post. Our staff and
community members are available to help:
I received the same email. I followed the link to the forum post at the bottom of the email and some people suggest deleting the acme.json file and others suggest to just empty the array within it. I’m not sure what route to take at this point in time.
Looks mostly solid to me, I would probably just stop the containers, go to the letsencrypt volume (default would be /root/n8n/letsencrypt) and delete the contents then start up the containers again and it should sort itself out.
You may be able to access the traefik container and run a command as well but I can’t see any documentation on the traefik side for that.
It does take a minute or so for the Let’s Encrypt process to complete but it should be fine.
I have deleted the acme.json and docker-compose down and up and now can’t login n8n server anymore. I’m having SSL issue and can’t continue… this is great.
Can you guide me step by step and command by command, please? I did exactly that and had to rollback to snapshot.
Hi guys, I just finished my server setup and had also issues generating a SSL certificate with the default docker-compose file mentioned in the docs.
In the example docker-compose file Traefik with TLS challenge is used to create and renew let’s encrypt certificates and wasn’t working for me (in combination with Cloudflare proxy). I did some research and modified the Traefik setup to use the http challenge which solved the problem.
I followed the steps from @Matt_W and it seemed to work correctly.
However, I have 3 servers, and on two of them I had outdated docker images of Traefik. On these servers I received errors when it tried to renew the certificate. Tip: update your traefik image before you automatically obtain a new certificate, after I did this all 3 servers were working as expected.
Not sure why it went wrong a couple of times and had to roll back to snapshot…
I have updated n8n to the last version first, stopped the docker-compose, and then deleted the file. Rebooted the machine and started docker-compose again. Then after a couple of F5, the SSL got renewed.