Directadmin > Let's Encrypt successfully , but visiting website gives certificate error

When generating the Certificate is being created, but when I visit my site I still get a certificate warning.

My domain is: act.runtrainer.com

I ran this command:
**Directadmin, build updated, ‘Certificate for … has been created successfully!’ **

It produced this output:
2020/07/07 13:08:56 No key found for account admin@server.domain.com. Generating a 4096 key.
2020/07/07 13:08:58 Saved key to /usr/local/directadmin/data/.lego/accounts/acme-v02.api.letsencrypt.org/admin@server.domain.com/keys/admin@server.domain.com.key
2020/07/07 13:08:58 [INFO] acme: Registering account for admin@server.domain.com
!!! HEADS UP !!!

Your account credentials have been saved in your Let’s Encrypt
configuration directory at “/usr/local/directadmin/data/.lego/accounts”.

You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let’s Encrypt so making regular
backups of this folder is ideal.
2020/07/07 13:08:59 [INFO] [act.domain.com] acme: Obtaining SAN certificate
2020/07/07 13:09:00 [INFO] [act.domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/5720710729
2020/07/07 13:09:00 [INFO] [act.domain.com] acme: Could not find solver for: tls-alpn-01
2020/07/07 13:09:00 [INFO] [act.domain.com] acme: use http-01 solver
2020/07/07 13:09:00 [INFO] [act.domain.com] acme: Trying to solve HTTP-01
2020/07/07 13:09:06 [INFO] [act.domain.com] The server validated our request
2020/07/07 13:09:06 [INFO] [act.domain.com] acme: Validations succeeded; requesting certificates
2020/07/07 13:09:10 [INFO] [act.domain.com] Server responded with a certificate.
Certificate for act.domain.com has been created successfully!

My web server is (include version):
DirectAdmin

The operating system my web server runs on is (include version):
CentOS 7

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
DirectAdmin

Anyone know what I’m doing wrong?

Hi @rwzdoorn

checking your site there is an expired certificate.

Looks like you have to install the certificate and to restart your webserver, not only to create.

There is an expired certificate! How can I renew the certificate / find the created certificate and manually install it?

I already restarted the server (and services)

Already dug into a few things:

I found the private key in /usr/local/directadmin/data/.lego/accounts/acme-v02.api.letsencrypt.org/admin@server.domain.com/keys/admin@server.domain.com.key

I have multiple certificate keys:
act.domain.com.cacert
act.domain.com.cert
act.domain.com.cert.combined
act.domain.com.cert.creation_time (this has the epoch time of today when I generated the cert)
act.domain.com.cert.new.tmp
act.domain.com.cert.tmp

What certificate key should I now use?

Check your DirectAdmin documentation. I've never used DirectAdmin.

I waited for over a week till the rate-limit ‘lock’ would expire, but still I’m getting the following error:

*'Error creating new order :: too many certificates already issued for exact set of domains: act.runtrainer.com: see https://letsencrypt.org/docs/rate-limits/, url: *
Certificate generation failed.’

Also, I did check at https://check-your-website.server-daten.de/?q=act.runtrainer.com to view if there was still a lock and it should not be the case. How can I create (or renew my old certificate) ??

You have to install your already created certificate instead of creating certificates again and again.

If you don’t do that, you will hit the limit again.

So, I created a new certificate (which was successful) but somehow my old expired certificate keeps ‘alive’. How can I use the latest version and load it?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.