My domain is: goto50.ai
Following on from this morning’s email to force renewal of the certificate I had to do a couple of things to fix the deployment I’d previously done - I had copied the certs from another box and so hadn’t actually run certbot to renew certificates on this new box. I revoked the certificate in the process certbot revoke --cert-path /path/to/cert
which may have been a mistake - I then ran the set up code again for certonly
sudo certbot certonly --webroot -w /path/to/webroot -d goto50.ai -d www.goto50.ai
and it succeeded - then as per the email ran sudo certbot renew --force-renewal
which also appeared to succeed, output is:
/usr/lib/python3/dist-packages/requests/init.py:80: RequestsDependencyWarning: urllib3 (1.25.8) or chardet (3.0.4) doesn’t match a supported version!
RequestsDependencyWarning)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/goto50.ai.conf
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for goto50.ai
http-01 challenge for www.goto50.ai
Waiting for verification…
Cleaning up challenges
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/goto50.ai/fullchain.pem
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/goto50.ai/fullchain.pem (success)
The problem is that the certifcate is still coming up in my browser as revoked - making me think that something has gone wrong. Have I broken this irretrievably. I appreciate any help you can offer.
Other information
My web server is (include version):
Nginx (version: nginx/1.14.0 (Ubuntu))
The operating system my web server runs on is (include version):
Ubuntu 18.04
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot 0.27.0