CERT Downlaod unsuccessful

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: bctebspayroll.bahwancybertek.com

I ran this command:./getssl --debug "bctebspayroll.bahwancybertek.com"

It produced this output:
running reload command service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]

Checking /root/.getssl/bctebspayroll.bahwancybertek.com/bctebspayroll.bahwancybertek.com.crt

CERT_LOCAL=SHA1 Fingerprint=8F:E5:67:66:5E:7A:7F:02:77:8F:A6:9C:6A:C1:A6:4C:72:17:69:8D

CERT_REMOTE=
/root/.getssl/bctebspayroll.bahwancybertek.com/bctebspayroll.bahwancybertek.com.crt not returned by server
getssl: bctebspayroll.bahwancybertek.com - rsa certificate obtained but not installed on server

My web server is (include version): Oracle EBS R12.1.3

The operating system my web server runs on is (include version): RHEL 6.5

My hosting provider, if applicable, is: Let's encrypt

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): NA

Hi @vishnu_k

checking your domain you have created some certificates - https://check-your-website.server-daten.de/?q=bctebspayroll.bahwancybertek.com#ct-logs

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2020-10-22 2021-01-20 bctebspayroll.bahwancybertek.com - 1 entries duplicate nr. 5 next Letsencrypt certificate: 2020-10-26 06:52:49
Let's Encrypt Authority X3 2020-10-22 2021-01-20 bctebspayroll.bahwancybertek.com - 1 entries duplicate nr. 4
Let's Encrypt Authority X3 2020-10-22 2021-01-20 bctebspayroll.bahwancybertek.com - 1 entries duplicate nr. 3
Let's Encrypt Authority X3 2020-10-22 2021-01-20 bctebspayroll.bahwancybertek.com - 1 entries duplicate nr. 2
Let's Encrypt Authority X3 2020-10-19 2021-01-17 bctebspayroll.bahwancybertek.com - 1 entries duplicate nr. 1

Oh, five, so you have already hitted the limit.

But your port 443 doesn't answer.

So the certificate installation didn't work.

May be

  • your getssl is too old, check, if there is an update
  • your getssl doesn't understand your configuration

I don't know how that client works.

So

  • check the documentation of that client to find your 5 certificates
  • install the newest certificate manual.

Next renew: May be switch to another client.

1 Like

Hi,

we have downloaded the getssl utility through below command.

curl --silent https://raw.githubusercontent.com/srvrco/getssl/master/getssl > getssl ; chmod 700 getssl

Is there any step or document to update the existing getssl?

Or is there any possible solution resolve this issue?

It is a complete loss of service and we are facing in production

Thanks

Check the documentation of that tool, I don't use it.

There are a lot of other clients.

That's always the problem using third-party-tools. It's your decision if you use a (may be not longer supported) tool or a tool that doesn't work with your configuration. Happens.

Is it possible that you have to take an additional step to install the new certificate into your Oracle server? Presumably getssl doesn't know how to do this and is telling you that it doesn't know via the message "rsa certificate obtained but not installed on server".

You may have a valid certificate saved somewhere on your machine, but you may have to repeat whatever process was used to import that into the Oracle EBS application before. If you don't know how to do this, you can look for documentation about that application or look for a forum related to it. (It's not a common choice here, so I'm not sure if people on this forum will know how to advise you to configure it.)

1 Like