I agree. That should set the stage.
1 Like
thanks @griffin will try that soon.
the vpn at my company conveniently went down 10 minutes ago so can’t access the server 
Could’ve chosen any other day…
I will just have to sit here and chill until it’s back up. Thanks for all your help though guys, really appreciate it.
2 Likes
Murphy strikes again. 
No worries. Need chow myself now. Back later. See ya Rudy! 
1 Like
Tried the delete, seems like lots of files are still lingering in the live directory and all those other ones.
is it necessary to do a full cleanup to start fresh? not sure on the risks of going full delete mode.
[root@ip-10-162-30-120 live]# /usr/local/bin/certbot-auto delete --cert-name devbankamp.com.au
WARNING: unable to check for updates.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Deleted all files relating to certificate devbankamp.com.au.
Also…
[root@ip-10-162-30-120 live]# ls -ltr
total 16
-rwxrwxrwx. 1 nobody root 740 Jun 26 09:54 README
-rwxrwxrwx. 1 nobody nobody 0 Aug 19 17:48 test.txt
drwxrwxrwx. 2 nobody root 4096 Aug 20 12:02 _devbankamp.com.au
drwxrwxrwx. 3 nobody root 4096 Sep 8 14:36 devbankamp.com.au
[root@ip-10-162-30-120 live]# cd devbankamp.com.au/
[root@ip-10-162-30-120 devbankamp.com.au]# ls
1415-22-06-2020-backup devbankamp.com.au-decrypted.key devbankamp.com.au.pfx devbankampfull.pem
devbankamp.com.au-cert.crt devbankamp.com.au-encrypted.key devbankamp.com.au.pfx.old
[root@ip-10-162-30-120 devbankamp.com.au]# cd …
[root@ip-10-162-30-120 live]#
1 Like
You should be fine.
Try and get a new cert now.
Unless otherwise needed (can't see why), you could also delete these two folders:
1 Like
Whole companies dns servers actually getting ddosed so blew up midway through. Will try again tomorrow assuming it’s back alive. Will let you know how it goes tomorrow, might as well checkout since I can’t do anything anyways.
1 Like
much better!
need to make sure I can automate the renewal next time.
im guessing a simple certbot renew command should work?
[root@ip-10-162-30-120 letsencrypt]# /usr/local/bin/certbot-auto certonly --manual --preferred-challenges dns -d devbankamp.com.au,*.devbankamp.com.au
Upgrading certbot-auto 1.7.0 to 1.8.0…
Replacing certbot-auto…
Creating virtual environment…
Installing Python packages…
Installation succeeded.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
IMPORTANT NOTES:
-
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/devbankamp.com.au/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/devbankamp.com.au/privkey.pem
Your cert will expire on 2020-12-07. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew all of your certificates, run
“certbot-auto renew” -
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
1 Like
Those kind of contradict each other.
i’ll try running it later without manual.
probably a whole new command
1 Like
wildcards are not as simple as other certs.
To automate them you will need:
- a client that has DNS API support
- a DNS service provider that supports such automation (via API)
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.