Hello,
I have troubles to renew my certificate.
I am using a VM (the certificate is for this VM) on my Synology NAS.
The certificate is existing on the VM (Bitwarden) and the renew failed. I tried to add this domain on a global Letsencrypt certificate on the NAS as a sub-domain (https://crt.sh/?id=2807392590).
It was a bad idea because Bitwarden refuse to start without a valide certificat.
How can I revoque the global certificate (https://crt.sh/?id=2807392590) ?
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: vault.vequeau.eu
I ran this command: ./bitwarden start
It produced this output:
Processing /etc/letsencrypt/renewal/vault.vequeau.eu.conf
Cert is due for renewal, auto-renewing…
Non-interactive renewal: random delay of 180.58898340937054 seconds
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for vault.vequeau.eu
Waiting for verification…
Challenge failed for domain vault.vequeau.eu
http-01 challenge for vault.vequeau.eu
Cleaning up challenges
Attempting to renew cert (vault.vequeau.eu) from /etc/letsencrypt/renewal/vault.vequeau.eu.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/vault.vequeau.eu/fullchain.pem (failure)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/vault.vequeau.eu/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: vault.vequeau.eu
Type: connection
Detail: Fetching
http://vault.vequeau.eu/.well-known/acme-challenge/0-jJFzHcl5wJ90id0tv0RWi7cT1PEhvY3B3Kvrzp1mA:
Timeout during connect (likely firewall problem)
===============
2020-05-24 06:56:18,033:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 24 May 2020 06:56:24 GMT
Content-Type: application/json
Content-Length: 1004
Connection: keep-alive
Boulder-Requester: 73605716
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0101Voxs0GwGN3nh4r2yC0DyweqH76HGt1ZSYOR4qYvBav4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
“identifier”: {
“type”: “dns”,
“value”: “vault.vequeau.eu”
},
“status”: “invalid”,
“expires”: “2020-05-31T06:56:10Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching http://vault.vequeau.eu/.well-known/acme-challenge/JMWDwwcElLs9qJDpB0FcpFmHiUHssZ86fytSsZY5U9k: Timeout during connect (likely firewall problem)”,
“status”: 400
},
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4778464255/XGzuTg”,
“token”: “JMWDwwcElLs9qJDpB0FcpFmHiUHssZ86fytSsZY5U9k”,
“validationRecord”: [
{
“url”: “http://vault.vequeau.eu/.well-known/acme-challenge/JMWDwwcElLs9qJDpB0FcpFmHiUHssZ86fytSsZY5U9k”,
“hostname”: “vault.vequeau.eu”,
“port”: “80”,
“addressesResolved”: [
“92.139.219.252”
],
“addressUsed”: “92.139.219.252”
}
]
}
]
}
My web server is (include version): bitwarden (nginx)
The operating system my web server runs on is (include version): debian 10
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): non
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):