Error when renewing certificate


#1

Hi everybody,

Like my tittle says, I have a problem renew my certificate.

using this command

sudo ./certbot-auto renew -v --debug

Always returns a error like this :

 Domain: jira.x.com
   Type:   unauthorized
   Detail: Incorrect validation certificate for tls-sni-01 challenge.
   Requested
   a58cacec9c879052cf8f609e26f86f22.839cc1b791385c60d49519fca5bbead1.acme.invalid
   from 34.x.y.z:443. Received 1 certificate(s), first
   certificate had names "jira.x.com"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

I check the DNS A records and it’s point to the IP mentioned in the error.

obtening certificate from certbot-auto certificates returns

Found the following certs:
  Certificate Name: jira.x.com
    Domains: jira.x.com
    Expiry Date: 2018-04-19 13:55:19+00:00 (VALID: 19 days)
    Certificate Path: /etc/letsencrypt/live/jira.x.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/jira.x.com/privkey.pem

As new to certificate world , I’m wondering where should I check to correct this problem?


#2

Hi,

Since TLS-SNI is not available to new issuerance and would cause trouble (the method you are using)

I suggest to use http or DNS validation.
Just issue a new cert instead of using renew (you should be able to still renew normally using tls-sni, however I have no clue how to debug it or force the renew to use other validation)

Thank you


#3

Thanks!

Just found the issue for this situation this morning… :frowning: and avoid one silly question :slight_smile:


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.