Certificate renewal

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:acmecentral.com

I ran this command:certbot -d acmecentral.com --manual --preferred-challenges dns certonly

It produced this output:

Saving debug log to C:\Certbot\log\letsencrypt.log 
Certificate not yet due for renewal 
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry. 
(ref: C:\Certbot\renewal\acmecentral.com.conf) 
What would you like to do? 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
1: Keep the existing certificate for now 
2: Renew & replace the certificate (may be subject to CA rate limits) 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 
Renewing an existing certificate for acmecentral.com 
Successfully received certificate. 
Certificate is saved at: C:\Certbot\live\acmecentral.com\fullchain.pem 
Key is saved at: C:\Certbot\live\acmecentral.com\privkey.pem 
This certificate expires on 2022-07-11. 
These files will be updated when the certificate renews. 
NEXT STEPS: - This certificate will not be renewed automatically. 
Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. 
To renew this certificate, repeat this same certbot command before the certificate's expiry date.

My web server is (include version):don't know

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: names.co.uk/TSOhost

I can login to a root shell on my machine (yes or no, or I don't know):think so

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):1.26.0

Ok, you have certificate and key. What do you wish to do?

To install it on your provider's system, you'll have to search their panel and their documentation. (And we had another user with the same provider, it's a shitty one)

OK the full story is:
Created cert successfully with certbot command, as given, 3 months ago. Could not remember exact expiry date so re-ran command a week ago, again successfully. But today original cert expired and ssl no longer working. Certbot says expires 11 July 2022 google says expired today. Do I need to copy the cert files to the server manually, never did this previously?

You have to install the new certificate, yes. You must've done so before. I don't know if you upload the files in the panel, or you send them to your provider elsewhere.

I have these files in c:\certbot

10/01/2022 17:42 1,704 0000_key-certbot.pem 10/01/2022 18:59 1,704 0001_key-certbot.pem 10/01/2022 19:18 1,708 0002_key-certbot.pem 10/01/2022 22:24 1,704 0003_key-certbot.pem 11/01/2022 23:49 1,704 0004_key-certbot.pem 06/04/2022 09:27 1,704 0005_key-certbot.pem 06/04/2022 15:14 1,704 0006_key-certbot.pem 12/04/2022 14:45 1,708 0007_key-certbot.pem

Do I just use the last file? and where should I copy it to? Thanks.

You should sort by last modified and get a set of cert, chain, key. (The most recent). Look in the archive subdirectory.

Where you have to put them, I don't know. You must ask your provider or search on their website.

OK found the latest files in archive sub-dir, think I can find where to put them. Can you let me know the google tools (or some other) command to test it all out. Thanks.

Please don't force the renewal of a perfectly fine certificate if issuance wasn't the problem to begin with in the future. Thank you.

OK done and done. Thanks for your help. Must have forgotten the bits on the server side.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.