Auto renewal with Icecast2 server

rg305 · March 25, 2023, 8:54pm

Did you miss those answers in post #23?

popeyebrown · March 25, 2023, 9:25pm

I am typing illiterate! And bad editor.

I t works. Can you test for me the domain certificate

I am old retired IT network Tech.

Happy Easter. May be you find some bunnies.

Thanks again

rg305 · March 25, 2023, 9:42pm

Cert looks good.
WordPressing.

popeyebrown · March 25, 2023, 9:53pm

https://kpurrr.com:8443/stream

User louie
Password free

Or click cat image

Music

You found my web server not my media icecast server which has your certificate

My music server is at kpurrr.com port 8443

Can you look see, too!

Any domain certificate tester you can recommend.

Bruce5051 · March 25, 2023, 10:03pm

Try this one SSL Checker

Bruce5051 · March 25, 2023, 10:04pm

https://decoder.link/sslchecker/kpurrr.com/8443

popeyebrown · March 25, 2023, 10:10pm

I tried it it one error

OCSP Status: close Certificate has been revoked

Bruce5051 · March 25, 2023, 10:18pm

Yes, the Serial Number: 43b62bb9960fee3f4c8a0437e8193b7b536 matches this one

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:3b:62:bb:99:60:fe:e3:f4:c8:a0:43:7e:81:93:b7:b5:36
        Signature Algorithm: sha256WithRSAEncryption

openssl_s_client-showcerts.txt (7.1 KB)

popeyebrown · March 25, 2023, 10:34pm

I Followed certbot delete process and rerun certbot with my same domain name.

It said that my same domain name was successful.

I ran certbot dry run and it was successful too

I was try on port 80 without web server just 443 instead

Bruce5051 · March 25, 2023, 10:37pm

If you are doing that, I would suggest do it first; and then if that passes continue. That uses the Staging Environment.

popeyebrown · March 25, 2023, 10:52pm

Well it’s still revoke can you remedy this

Icecast is dedicated to port 80

But still is revoke

popeyebrown · March 25, 2023, 11:22pm

I guess it up t
o unrevoking my certificate: kpurrr.com

popeyebrown · March 25, 2023, 11:27pm

My music server is down too
at

https://kpurrr.com:8443

Bruce5051 · March 25, 2023, 11:28pm

I see this on kpurrr.com:8443 with Firefox

But on Chrome it seems OK.

Bruce5051 · March 25, 2023, 11:30pm

But standard normal HTTPS on Port 443 I see this
Firefox:

And on Chrome

Bruce5051 · March 25, 2023, 11:34pm

HTTPS Port 443 - https://decoder.link/sslchecker/kpurrr.com/443
HTTPS Port 8443 - https://decoder.link/sslchecker/kpurrr.com/8443 OCSP Status: Certificate has been revoked

popeyebrown · March 25, 2023, 11:40pm

It worked before

I used certbot to delete kpuuur.com

I reinstalled certbot at kpurrr.com

Now it is still revile how do you get so it’s not revoke

Bruce5051 · March 25, 2023, 11:42pm

OK; so you are using 2 different servers, correct?
Why not just use the same Certificate for both?

One nginx/1.19.2:

$ curl -Ii https://kpurrr.com
HTTP/1.1 200 OK
Server: nginx/1.19.2
Date: Sat, 25 Mar 2023 23:39:23 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/8.2.0
Link: <https://kpurrr.com/wp-json/>; rel="https://api.w.org/"
Strict-Transport-Security: max-age=31536000; includeSubDomains

And Two Icecast 2.4.4

$ curl -Ii https://kpurrr.com:8443
HTTP/1.0 400 Bad Request
Server: Icecast 2.4.4
Connection: Close
Date: Sat, 25 Mar 2023 23:39:28 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Origin: *

Bruce5051 · March 25, 2023, 11:45pm

Not possible; need a new certificate.

Can we see the backed up configuration of kpuuur.com so comparisons can be made to kpurrr.com?

popeyebrown · March 25, 2023, 11:45pm

is there conflict with two computers and two servers and different certificates? I really don't want to tamper with my host web server!

I how do I get certbot to not revoke!!!!

I do appreciate the support
David