Greetings,
Our domain is:
This issue is time sensitive - any help is much appreciated.
We use 90-day wildcard TLS certs. We automate the renewal process with Certbot and a fairly typical setup. We've had no issues for years. In today's renewal, the script that calls the certbot client ran successfully, using DNS challenges as always.
The resulting cert, once deployed, shows:
Certificate issuer: R3
Certificate chain
DST Root CA X3
R3
*.bitbrew.com
This cert (above) is unrecognized by our RabbitMQ cluster. We had to revert back to the old cert, which expires tomorrow (Feb 18, 2021).
Previously, certs, once deployed, showed:
Certificate issuer: Let's Encrypt Authority X3
Certificate chain
DST Root CA X3
Let's Encrypt Authority X3
*.bitbrew.com
The script that calls certbot runs on macOS and was installed through homebrew. I believe that after upgrading to Big Sur, the certbot version was auto-upgraded by brew. The version is now:
certbot: stable 1.11.0
Looks like the previous version of certbot (last used to renew certs back on Nov 20, 2020) was 0.33.1.
I don't doubt that the new certs from today are valid and use the correct CA and intermediate, but we have no quick fix for RabbitMQ, and need to renew our certs.
Is it possible to install an older version of certbot on macOS?
If yes, will that version generate the cert as it used to be so we can renew and buy some time to investigate RabbitMQ?
Please note that the website cert is managed separately - the issue here concerns our RabbitMQ cluster specifically.
Thanks in advance,
Ben