Certificate renewal is not happening

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: test.playtoome.com

I ran this command: sudo certbot renew

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log


No renewals were attempted.


My web server is (include version): Tomcat 7.0.68

The operating system my web server runs on is (include version): Ubuntu 16.04.5 LTS

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.26.1

Hi @panurag

there is a certificate:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:test.playtoome.com&lu=cert_search

valid 13.11.2018 - 11.02.2019

What does certbot certificates say? Did you delete config files?

Your domain is completely invisible ( test.playtoome.com - Make your website better - DNS, redirects, mixed content, certificates )

Domainname Http-Status redirect Sec. G
• http://test.playtoome.com/
35.154.202.22 -2 1.380 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 35.154.202.22:80
• https://test.playtoome.com/
35.154.202.22 -2 1.370 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 35.154.202.22:443
• http://test.playtoome.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
35.154.202.22 -2 1.393 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 35.154.202.22:80

so you can't use http-01 validation.

If you have used tls-sni-01 validation, this is deprecated.

What happens if you use

sudo certbot -d test.playtoome.com --preferred-challenges http

But you need an open port 80.

How did you create the certificate?

Did you use Certbot?

What command did you use?

Hi,

Thank you.

The response to certbot certificates is:

Saving debug log to /var/log/letsencrypt/letsencrypt.log


No certs found.


No config files were deleted.

Please check at the address https://test.playtoome.com:8443.

The output for the command “sudo certbot -d test.playtoome.com --preferred-challenges http” is:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Certbot doesn’t know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run “certbot certonly” to do so. You’ll need to manually configure your web server to use the resulting certificate.

Port 80 is open.

Regards,
Anurag

Hi,

Thank you.

I used certbot to create the certificate. The command used was: “sudo certbot certonly”.

Regards,
Anurag

Sorry, I forgot the certonly - parameter.

sudo certbot certonly -d test.playtoome.com --preferred-challenges http

I see, you have checked your 8443 - port ( test.playtoome.com:8443 - Make your website better - DNS, redirects, mixed content, certificates ): But your port 80 doesn't work.

Domainname Http-Status redirect Sec. G
• http://test.playtoome.com/
35.154.202.22 -2 1.397 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 35.154.202.22:80
• https://test.playtoome.com/
35.154.202.22 -2 1.387 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 35.154.202.22:443
• http://test.playtoome.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
35.154.202.22 -2 1.377 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 35.154.202.22:80

The last row is critical. Looks like there is a firewall or something else that actively blocks.

Is there a firewall or another server? I don't see headers, because all standard ports are blocked.

Letsencrypt needs the standard port 80 to check your domain, perhaps a redirect to port 443.

Hi,

I had used the command “sudo certbot certonly --csr request.csr”, not “sudo certbot certonly”.

Regards,
Anurag

Hi,

At the time of issuing certificates, I had chosen the option to spin up a temporary server.

Thank you, Regards,
Anurag

Then add the -vvv option, so more information is logged.

And share

/var/log/letsencrypt/letsencrypt.log

When you use the --csr option, certbot renew does not support renewing the certificate.

Can you create a new certificate without using --csr?

1 Like
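The point made in the reply above (a certificate issued with --csr has nothing for certbot renew to act on) can be checked on the host. The script below is an added example, not part of the thread and not Certbot's own code. It assumes certbot's default layout of one `<lineage>.conf` per renewable certificate under `<config-dir>/renewal`, with the lineage named after the first domain; the domain names and the optional PEM path argument are constructed or hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: certbot keeps one
# <lineage>.conf per renewable certificate under <config-dir>/renewal and
# names the lineage after the first domain (optionally with a -0001 suffix).

# lineage_for CONFIG_DIR DOMAIN: print the lineage name that certbot renew
# would process for DOMAIN, or print nothing and fail if there is none.
lineage_for() {
    for conf in "$1"/renewal/*.conf; do
        [ -f "$conf" ] || continue          # unmatched glob or missing dir
        name=$(basename "$conf" .conf)
        case "$name" in
            "$2"|"$2"-[0-9][0-9][0-9][0-9]) echo "$name"; return 0 ;;
        esac
    done
    return 1
}

# expires_within PEM DAYS: succeed if the certificate in PEM expires within
# DAYS days. `openssl x509 -checkend` exits 0 when the certificate is still
# valid after that many seconds, so the result is inverted here. An
# unreadable file also counts as expiring, which is the safe default.
expires_within() {
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# renewal_plan CONFIG_DIR DOMAIN [PEM]: report whether certbot renew covers
# DOMAIN. PEM is a hypothetical path to the certificate file written at
# issuance time; it is only inspected when no lineage exists.
renewal_plan() {
    if lineage=$(lineage_for "$1" "$2"); then
        echo "managed: certbot renew covers lineage $lineage"
    elif [ -n "${3:-}" ] && expires_within "$3" 30; then
        echo "unmanaged: no lineage for $2 and $3 expires within 30 days"
    else
        echo "unmanaged: no lineage for $2; re-issue without --csr"
    fi
}

# Demo on a constructed config dir (the real default is /etc/letsencrypt).
demo=$(mktemp -d)
mkdir -p "$demo/renewal"
: > "$demo/renewal/managed.example.conf"    # constructed sample lineage
renewal_plan "$demo" managed.example
renewal_plan "$demo" csr-issued.example
rm -rf "$demo"
```

On a real host, call `renewal_plan /etc/letsencrypt <domain>`; an "unmanaged" result matches the "No renewals were attempted." and "No certs found." outputs shown earlier in the thread.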

Hi,

The certificate was created successfully.

Thank you, Regards,
Anurag

2 Likes

Yep

https://test.playtoome.com:8443/

now has a new certificate, created today.
