Certificate has expired

We are running a Ubuntu server and the certificate for the server has expired.

The settings was for auto update the certificate. The update did not go through and now we are unable to access some of our databases.

we have looked up all of the help files and tried some of the commands to renew the certicate.

How can we now pull down a new certificate once the old one has expired???

Thanks

Hi @Support1_IT,

Sorry to hear that your certificate is expired.

The new replacement certificate doesn’t exist at all until you request it with your client software and also prove your control over the domain name. It’s not that there’s some URL where the replacement certificate is already waiting to be downloaded, for example.

Could you please fill out the “Help” question template below to give some more context for your situation?

Please fill out the fields below so we can help you better.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Good morning

I will try and answer all of your questions as listed below:

My domain is: cscp.net

I ran this command: Another member of staff ran the commands to renew the certificate from gnix

It produced this output:

My web server is (include version):yes

The operating system my web server runs on is (include version):Ubuntu 9.2

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):Yes I am running a control panel

Alan Brown
IT Manager

email: alan.brown@scp-centre.org
phone: +49 202 459 58 - 18

http://www.scp-centre.org/
COLLABORATING CENTRE ON SUSTAINABLE
CONSUMPTION AND PRODUCTION (CSCP)

Hagenauer Strasse 30
42107 Wuppertal / Germany [ Map https://www.google.de/maps/place/Collaborating+Centre+on+Sustainable+Consumption+and+Production+gGmbH/@51.2660583,7.1477487,17z/data=!3m1!4b1!4m2!3m1!1s0x47b8d7ba64a157d7:0x47f4498ed048a12c ]
www.scp-centre.org http://www.scp-centre.org/

https://twitter.com/scp_centre https://www.facebook.com/scpcentre http://www.linkedin.com/company/collaborating-centre-on-sustainable-consumption-and-production-cscp-

Collaborating Centre on Sustainable Consumption and Production (CSCP) gGmbH; Sitz der Gesellschaft/Registered Office: Wuppertal, Germany; Registergericht/Registered at Amtsgericht Wuppertal, Germany; Eintragungs-Nr./Registration no.: HRB 20060; USt.-ID Nr./VAT ID No.: DE 250 910 282; Geschaeftsfuehrer/Managing Director: Michael Kuhndt

Hi schoen,

Ramon is speaking: Please notice the following data and screenshot.

My domain is: cscp.net

I ran this command: ./certbot-auto renew

It produced this output: please see enclosed picture

My web server is (include version):yes

The operating system my web server runs on is (include version): Ubuntu 14.04

My hosting provider, if applicable, is: OVH all A records are checked and correct. Our router is providing the right fixed IP Address.

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes I am running a control panel

Thanks for the information, @Support1_IT.

@cpu, do you have more information in server logs to show what the nature of the connection failure was? I don’t immediately see a problem with this setup that would account for this failure.

Hello @Support1_IT,

There is something strange in your redirection, you are adding a question mark ? at the end of every redirection, maybe it is worth to re-check your redirection rules.

curl -IkL server.cscp.net/.well-known/acme-challenge/test
HTTP/1.1 301 Moved Permanently
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Jul 2017 17:53:39 GMT
Content-Type: text/html
Content-Length: 193
Connection: keep-alive
Location: https://server.cscp.net/.well-known/acme-challenge/test?  <-- that ? should not be there.

HTTP/1.1 404 Not Found
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Jul 2017 17:53:39 GMT
Content-Type: text/html
Content-Length: 177
Connection: keep-alive

Cheers,
sahsanu

I see a few failures for some cscp.net subdomains (e.g. zurmo, files, etc) around 04/07/2017 07:09 with the following underlying error:

dial tcp 87.139.107.23:80: getsockopt: no route to host

It seems like it may have been transient, I see successful requests to issue for these same names later on. I would guess something went bump-in-the-web between the VA and this IP.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.