After renew certificates, still not secured

slyvana · May 3, 2019, 1:23am

My domain is: wall.sg

I ran this command:sudo certbot renew --dry-run

It produced this output: Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/wall.sg-0001/fullchain.pem (success)
/etc/letsencrypt/live/wall.sg/fullchain.pem (success)
/etc/letsencrypt/live/www.wall.sg/fullchain.pem (success)

My web server is (include version): apache

The operating system my web server runs on is (include version):apache

My hosting provider, if applicable, is: digitalocean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m really lost on this and i’m weak on technical part. I’m managing my own website, if anyone can help and require access to ssh root, please let me know.

rg305 · May 3, 2019, 1:25am

You only ran a "test" simulation.

slyvana · May 3, 2019, 1:28am

i see, i removed the -dry-run and no renewal are due yet. When i visit my website wall.sg, im able to see that the certificate is renew but the https status still not secured.

orangepizza · May 3, 2019, 2:42am

your site only gives a cert that only www version in SAN. did you add non www version too?

slyvana · May 3, 2019, 3:17am

yes i did… add wall.sg, or how should i check to verify your question so i can key in the code and paste the output.

orangepizza · May 3, 2019, 3:20am

you create Two certs that one has only www version, and one with only non-www version
don’t renew them, make a new cert that with both name, and delete old certs that has only one name.
certbot issue -d wall.sg -d www.wall.sg will do the job, I think

slyvana · May 3, 2019, 3:34am

root@wallsg-1528129053139-s-1vcpu-1gb-sgp1-01:~# certbot issue -d wall.sg -d www.wall.sg

usage:

certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] …

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,

it will attempt to use a webserver both for obtaining and installing the

certificate.

certbot: error: unrecognized arguments: issue

orangepizza · May 3, 2019, 4:16am

sudo certbot --apache -d wall.sg -d www.wall.sg

slyvana · May 3, 2019, 6:56am

thank you sir, it’s fixed now. In future when it is expiring , what should i do?

orangepizza · May 3, 2019, 7:19am

Certbot will renew certs after 2 months. But I’m not sure certbot will restart Apache automatically

system · June 2, 2019, 7:26am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.