Certbot-auto renew ...I've been reading in the forum, but have no clue

AlejandroF · August 16, 2017, 3:26pm

Please fill out the fields below so we can help you better.

My domain is:conference.iai.int

I ran this command:certbot-auto renew

It produced this output:Processing /etc/letsencrypt/renewal/conference.iai.int.conf

Cert not yet due for renewal

The following certs are not due for renewal yet:
/etc/letsencrypt/live/conference.iai.int/fullchain.pem (skipped)
No renewals were attempted.

My web server is (include version):nginx/1.8.0

The operating system my web server runs on is (include version):debian jessie/sid

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

I received this mail announcing that the certificates would expire. I renewed and it seemed everything went ok. Site shows as not secure. So I went here: https://dev.ssllabs.com/ssltest/analyze.html?d=conference.iai.int&hideResults=on
and I read there:
Valid from Mon, 15 May 2017 17:06:00 UTC
Valid until Sun, 13 Aug 2017 17:06:00 UTC (expired 2 days, 21 hours ago) EXPIRED
Therefore I treid again certbot-auto renew, that’s when I got the output mentioned above. Still, the site shows as not secure. Last week it was ok and after renewing the certificates I did not check, found out today that site is not secure.
Have no clue as to what went wrong. Any ideas?

Regards,
Alejandro

danb35 · August 16, 2017, 3:46pm

The certificate that your web server is using, and the certificate that certbot is looking at, aren't the same. This could be because they're just in different places on your server, or it could be because you didn't reload your web server after renewing the certificate.

AlejandroF · August 16, 2017, 4:27pm

danb35,
How do i solve that then?

schoen · August 16, 2017, 4:33pm

Run certbot-auto certificates to see which certificates you have. You might have two or more overlapping Certbot-managed certificates.

AlejandroF · August 16, 2017, 4:40pm

that’s what certbot-auto certificates says:
Found the following certs:
Certificate Name: conference.iai.int
Domains: conference.iai.int
Expiry Date: 2017-11-12 12:20:00+00:00 (VALID: 87 days)
Certificate Path: /etc/letsencrypt/live/conference.iai.int/fullchain.pem
Private Key Path: /etc/letsencrypt/live/conference.iai.int/privkey.pem
So it should be fine… but isn’t.

schoen · August 16, 2017, 4:41pm

Can you restart your web server application? What web server software are you using?

AlejandroF · August 16, 2017, 4:47pm

Using nginx. Had already restarted… twice. Nothing happened… have just restarted it a third time… sudo service nginx restart… magic is happened…by the third time it worked. Problem solved. Thanks for your kick in the correct direction.

Regards,
Alejandro

system · September 15, 2017, 4:47pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.