Cannot renew single certificate after originally using multiple ceritifactes for subdomains etc

Please fill out the fields below so we can help you better.

My domain is: ehda.co

I ran this command: /usr/local/sbin/certbot-auto certonly --renew-by-default --manual -d ehda.co

It produced this output:

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/ehda.co-0001/fullchain.pem. Your cert will
   expire on 2017-09-10. To obtain a new or tweaked version of this
   certificate in the future, simply run certbot-auto again. To
   non-interactively renew *all* of your certificates, run
   "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

My web server is (include version): Apache/2.4.25 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 14.04

My hosting provider, if applicable, is: DO

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): NO

I used to autorenew all certificates which was ehda.co and www.ehda.co but in the last 3 months the www subdomain was moved to squarespace and uses their SSL cert. I have renewed ehda.co last week already, with the same command, which also produced success response, just like today (the response above) but I keep getting the emails that the cert is due for renewal, also on all SSL checkers the cert is still to expire on June 18th. What should I do?

So the command produced new certificates in directory ehda.co-0001 while the old ones are still in ehda.co. I tried to mv the dirs so that the dir with the new ones is called ehda.co – no change in sslchecker.

Also, the README there says I am not supposed to mv those files.

Please advise.

Your command request "certonly" which won't update the symbolic links nor will it update your configuration files.

Try command without "certonly".
/usr/local/sbin/certbot-auto --renew-by-default --manual -d ehda.co

I see, thanks a lot. Dropping certonly solved the issue.

The peculiar redirect setup has a reason, public content is in subdirectory.

As a minor correction on this point, certonly does update symbolic links, but does not update configuration files. It will also not attempt to reload a web server (e.g. service apache2 graceful).

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.