Cert renewal not updating to new expiry date

That's bad. It looks like perhaps this was overwritten with an actual file.

Well? Are we offline?

Since the cert it not used in this system, just
delete the cert
ensure the folders are empty
and get a new one

1 Like

@rg305

Will the symlinks be recreated automatically though?

Yes, all will be right with the world :wink:

1 Like

@rg305

What about the offline bit, ya think? As obvious as it sounds?

That didn’t stop him from getting 6 certs! - LOL
Might want to check on the certbot-auto version (that may one day be outdated - if not updatable)
1.7.0 good for now :slight_smile:

1 Like

True! :astonished:

Somehow I don’t think they appeared out of the æther. I’m assuming @snoople had internet access before.

I think the outbound firewall rules are a bit tight around the waist/neck line

1 Like

Time to let it all out…

:crazy_face:

Maybe a dumb question but what’s the best way to delete the certs. Should I be just clearing the contents of the live folder or much more?

Just don’t wanna send myself through another blackhole of creating more errors than what is needed.

2 Likes

certbot-auto delete --cert-name *whatever*

use certbot-auto certificates first to find the names.

In your case:

1 Like

@rg305

It looks to me like @snoople is using one of the most thorough commands I’ve seen for a while. A bit excessive I think.

I’ll all good with it - except for the manual part.
I would look to automate it.

1 Like

I don’t think @snoople needs the TOS or server parts either. Perhaps just:

/usr/local/bin/certbot-auto certonly --manual --preferred-challenges dns -d devbankamp.com.au, *.devbankamp.com.au

Actually all that just needs to be said only the first time - then it’s just “renew”.

1 Like

I’ll definitely need to automate it if i can get this working
for now i just need to renew these certs somehow before all these servers potentially explode.

the renew didnt work last time, maybe because all these links were broken and it got angry.

1 Like

He’s gonna blast his cert though (and configuration).

Right - so it will be like the first time this next time
But after that…

1 Like

Try just this:

  • /usr/local/bin/certbot-auto delete --cert-name devbankamp.com.au

  • /usr/local/bin/certbot-auto certonly --manual --preferred-challenges dns -d devbankamp.com.au,*.devbankamp.com.au

1 Like