【Error】Certbot does not renew after expiration


#1

Screenshot_20180807_082615
I saw this message, but after renewing with certbot the certificate will not be updated.

My domain is:
git.076.ne.jp

I ran this command:
certbot renew

It produced this output:
root@git:~# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/git.076.ne.jp.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/git.076.ne.jp/fullchain.pem (skipped)
No renewals were attempted.

My web server is (include version):
nginx 1.12.1 (Gitlab)

The operating system my web server runs on is (include version):
Debian 9.4

My hosting provider, if applicable, is:
My server

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No


#2

Hi @TechnicalSuwako

you have two active certificates:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:git.076.ne.jp&lu=cert_search

One from 2018-07-07, one from 2018-08-07.

So your website used an old certificate. Check your certificates with

Certbot certificates

and use the path of the newer certificate in your nginx - configuration file.


#3

What does “certbot certificates” output?

If you reload Nginx – e.g. “service nginx reload” or “systemctl reload nginx” – does that help?

What are Nginx’s ssl_certificate and ssl_certificate_key settings?


#4

After commanding “gitlab-ctl restart nginx”, the problem cured.
Thank you very much for your help quickly.


#5

In that case, you might want to add that as a deploy hook in your Certbot configuration, so that it will be run automatically when your certificates are renewed in the future.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.