【Error】Certbot does not renew after expiration

TechnicalSuwako · August 6, 2018, 11:28pm

Screenshot_20180807_082615
I saw this message, but after renewing with certbot the certificate will not be updated.

My domain is:
git.076.ne.jp

I ran this command:
certbot renew

It produced this output:
root@git:~# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/git.076.ne.jp.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/git.076.ne.jp/fullchain.pem (skipped)
No renewals were attempted.

My web server is (include version):
nginx 1.12.1 (Gitlab)

The operating system my web server runs on is (include version):
Debian 9.4

My hosting provider, if applicable, is:
My server

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

JuergenAuer · August 6, 2018, 11:38pm

Hi @TechnicalSuwako

you have two active certificates:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:git.076.ne.jp&lu=cert_search

One from 2018-07-07, one from 2018-08-07.

So your website used an old certificate. Check your certificates with

Certbot certificates

and use the path of the newer certificate in your nginx - configuration file.

mnordhoff · August 6, 2018, 11:47pm

What does “certbot certificates” output?

If you reload Nginx – e.g. “service nginx reload” or “systemctl reload nginx” – does that help?

What are Nginx’s ssl_certificate and ssl_certificate_key settings?

TechnicalSuwako · August 6, 2018, 11:58pm

After commanding “gitlab-ctl restart nginx”, the problem cured.
Thank you very much for your help quickly.

schoen · August 7, 2018, 9:06pm

In that case, you might want to add that as a deploy hook in your Certbot configuration, so that it will be run automatically when your certificates are renewed in the future.

system · September 6, 2018, 9:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certbot expired yet 'cert not yet due for renewal' Help	3	9646	October 9, 2017
Cannot renew one of my letsencrypt certificates Help	12	3078	November 18, 2017
'certbot -renewal' is not renewing the certificate Help	15	6728	November 16, 2017
How to overcome Certbot none renewal of expired certificate Site Feedback	22	3109	October 4, 2021
Certbot renew failing Help	24	1889	February 14, 2021

【Error】Certbot does not renew after expiration

Related topics