Please fill out the fields below so we can help you better.
My domain is: https://www.ski-service-les-menuires.fr
I ran this command: certbot certonly
It produced this output: certificat expired since the 3rd june 2017
My web server is (include version): Simple Hosting
The operating system my web server runs on is (include version):Debian, Apache
My hosting provider, if applicable, is: Gandi
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Hi guys, two times that I renew my certificat with the certbot certonly command
In my terminal the renewal is successfull (one time and I renewed it again cause the error still there) but when I want to access the website something goes wrong.
I can, with firefox to have more details (IE don’t) and the error message is :
www.xxxxxxxxxxxxxxxxxxxxxxxxxxxx.fr use an invalid certificat
Expired the 3rd june 2017
Error Code : SEC_ERROR_EXPIRED_CERTIFICATE
Have I to deleted the olrd certificat before renewal ?
I know that some of you tell me to ask gandi but with letsencrypt they usually sais to ask here…
Thanks a lot for helpers and let’s encrypt team.
Did you restart/reload your apache web server after renew the certificate?.
Hi Sahsanu, thanks for your reply,
I followed this link
and find a solution, using the run command and not the certonly, don’t know if it matters for something…
And I didn’t restart the server, I will try the certonly command and restart it for an other website to see if it solve the problem.
certonly command means to obtain a certificate, but not install it in the web server (like Apache).
If you use
certonly and specify subject names that correspond to an existing certificate, that certificate will be replaced with a new one, which is one means of performing renewal using Certbot. Howver,
certonly still does not do anything to tell any web server about this change.
When using a server like Apache, it needs to be restarted or reloaded in order to notice things like a changed certificate.
certonly never attempts to do this (unless you add something like a
--renew-hook option to tell it to).
run does attempt to install the certificate in a web server configuration, if it knows how to do so on your local machine; as part of this process, it will also restart the web server.
A more officially supported method might be something like
certbot renew --renew-hook "service apache2 graceful" (which can be run every day to renew when necessary and reload the web server when a renewal happens), but I’m glad that what you did ended up working for you.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.