Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
sudo sh -c "sed -i.bak -e 's/^(pref_challs.)tls-sni-01(.)/\1http-01\2/g' /etc/letsencrypt/renewal/; rm -f /etc/letsencrypt/renewal/.bak"
sudo certbot renew --dry-run
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/prominenthair.hr-0001.conf
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/prominenthair.hr-0001/fullchain.pem
Processing /etc/letsencrypt/renewal/prominenthair.hr.conf
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/prominenthair.hr/fullchain.pem
Processing /etc/letsencrypt/renewal/www.prominenthair.hr.conf
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/www.prominenthair.hr/fullchain.pem
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/prominenthair.hr-0001/fullchain.pem (success)
/etc/letsencrypt/live/prominenthair.hr/fullchain.pem (success)
/etc/letsencrypt/live/www.prominenthair.hr/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
root@www:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Revocation status for /etc/letsencrypt/live/prominenthair.hr/cert.pem is unknown
Found the following certs:
Certificate Name: prominenthair.hr-0001
Domains: prominenthair.hr
Expiry Date: 2020-05-26 23:09:56+00:00 (VALID: 49 days)
Certificate Path: /etc/letsencrypt/live/prominenthair.hr-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/prominenthair.hr-0001/privkey.pem
Certificate Name: prominenthair.hr
Domains: prominenthair.hr www.prominenthair.hr
Expiry Date: 2019-06-01 23:13:03+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/prominenthair.hr/fullchain.pem
Private Key Path: /etc/letsencrypt/live/prominenthair.hr/privkey.pem
Certificate Name: www.prominenthair.hr
Domains: www.prominenthair.hr
Expiry Date: 2020-05-27 11:02:58+00:00 (VALID: 49 days)
Certificate Path: /etc/letsencrypt/live/www.prominenthair.hr/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.prominenthair.hr/privkey.pem
My comment:
One certificate is not renewed, the one that I got informed via e-mail one year ago, so I followed these steps:
P.S. I am really not sure why/how I created multiple certificates for the same domain because a lot of time has passed since then.
My web server is (include version):
Apache/2.4.18 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 16.04
My hosting provider, if applicable, is:
Digital Ocean
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Putty + WinSCP
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): I upgraded from Certbot v0.19.0 to v0.31.0 successfully