DST Root Valid, but certificate still invalid even after renew

I have renewed the certificate.

  • DST Root CA X3 expires in 30 Sept 2021
  • Let’s encrypt Authoirity X3 expires expires in 17 March 2021
  • cloudbrasil,io Expired 4 August 2020

My domain is:cloudbrasil.io

Run
augustopissarra@Gutos-MacBook-Pro kabar % sudo certbot certificates
Password:
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Found the following certs:
Certificate Name: cloudbrasil.io
Domains: *.cloudbrasil.io cloudbrasil.io
Expiry Date: 2020-11-02 16:55:10+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/cloudbrasil.io/fullchain.pem
Private Key Path: /etc/letsencrypt/live/cloudbrasil.io/privkey.pem


Added the new certs to nginix and still does not use the new certificate.

I ran this command: sudo certbot certonly --manual --force-renew -d ‘*.cloudbrasil.io’ -d ‘cloudbrasil.io

It produced this output:


Found the following certs:
Certificate Name: cloudbrasil.io
Domains: *.cloudbrasil.io cloudbrasil.io
Expiry Date: 2020-11-02 16:55:10+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/cloudbrasil.io/fullchain.pem
Private Key Path: /etc/letsencrypt/live/cloudbrasil.io/privkey.pem


My web server is (include version):
ngnix

The operating system my web server runs on is (include version):
Kubernetes using nodejs

My hosting provider, if applicable, is: nic.io

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.3.0

Hi @abernardo.br

certonly doesn't install the certificate. Did you restart your webserver?

--force-renew is bad, there is a rate limit.

1 Like

Thanks Juergen for your response. Yes, I have installed the new cert on the server. I am using Kubernetes container that I am building locally making sure the new cert fullchain.pem and privkey.pem.

It was my fault. Used the wrong deploy and indeed it was not deploying the correct file.

Juergen thanks for taking the time to respond.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.