Cant renew cert after "Valid to" date. Cent OS

Hi all. I am using Next Cloud on Cent OS 7. After 3 mounth of using “Lets Encrypt cert” i saw that my ssl has expired. I tried to renew it by using “certbot renew” command . But it does not help. Cert bot log shows theese:

2019-08-09 11:47:12,207:DEBUG:certbot.main:certbot version: 0.31.0
2019-08-09 11:47:12,207:DEBUG:certbot.main:Arguments:
2019-08-09 11:47:12,207:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-08-09 11:47:12,224:DEBUG:certbot.log:Root logging level set at 20
2019-08-09 11:47:12,224:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-08-09 11:47:12,224:DEBUG:certbot.renewal:no renewal failures

Maybe i do something wrong :confused: i just want to renew this cert.
Please help.
THX for all

1 Like

Hi @yevgen1991

please answer the following questions:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

My domain is: drive.smartscoring.com

I ran this command: certbot renew

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

No renewals were attempted

My web server is (include version): apache/2.4.6 (centOs)

The operating system my web server runs on is (include version): Cent Os 7

My hosting provider, if applicable, is: Cent Os 7 on my own host server

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Cloud Flare

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

PS. I note that my Apache service is not running. But my Next Cloud is working well. I can login into Next Cloud control panel and ect.

Checking your domain there is no new certificate - https://check-your-website.server-daten.de/?q=drive.smartscoring.com#ct-logs

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2019-05-09 2019-08-07 drive.smartscoring.com
1 entries

Only one expired.

Looks like that certbot version isn't used.

What says

certbot certificates

Is there a second certbot, certbot-auto?

it says: “No certs found”
but why does my cert not renew automatically?
and what cert i have used before?(from 2019-05-09 to 2019-08-07)

So you don't use that certbot.

How did you create that certificate?

i forgot it :confused: i used a manual from internet. I do not know Linux good…

1 Like

Then read the output of https://check-your-website.server-daten.de/?q=drive.smartscoring.com

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge.

start your Apache with a correct port 80 vHost, check, if there is no blocking firewall.

Then recheck your domain with the online tool. If there is a Grade A (checking /.well-known), try to create a new certificate:

certbot -d drive.smartscoring.com
2 Likes

Could you look in your web server configuration file and see what certificate and key file it is pointed to?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.