Facing Challenges when renewing the SSL - Running Node application and Docker

kerlosense · July 23, 2020, 5:48pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://swpdev.macbiz.co

I ran this command: sudo certbot certonly --force-renew

It produced this output:

How would you like to authenticate with the ACME CA?

1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel):

My web server is (include version): Ubuntu 18.04

The operating system my web server runs on is (include version): Node server

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

Osiris · July 23, 2020, 5:58pm

Do you already have a certificate previously issued by certbot?

If so, please read the certbot documentation: https://certbot.eff.org/docs/using.html#renewing-certificates

kerlosense · July 23, 2020, 6:07pm

i don’t have nginx or apache web server running , its a simple nodejs application running on docker.

its asking me these two options
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)

how do i move forward from here.

Osiris · July 23, 2020, 6:13pm

@kerlosense Your title specifically says “renewing the SSL”. This implies you already issued a certificate previously, which is nearly expired or has expired already and you want to renew this certificate, so it won’t expire (until the next expiry date).

Did you by any chance misunderstood the meaning of “renewing”? And do you want to get a brand new certificate issued for the first time? If yes, please say so, so we can help you with that in stead of renewing.

If you indeed already have a certificate which has expired or is near the expiry date and you’ve previously issued that certificate with certbot, I must refer to my previous post and urge you to read the certbot documentation.

kerlosense · July 23, 2020, 6:25pm

Yes, i am trying to reinstall the SSL certificate and i have already followed the documentation but having problems which i couldn’t understand.

here is the screenshot of what i get

Osiris · July 23, 2020, 6:28pm

Where in the documentation showed it that command to renew? I don't see it. Please forget your current command and read the documentation above again. It specifically links to the "How to renew" section and the command is even way simpler than the one you're using now.

kerlosense · July 23, 2020, 6:39pm

Here is what i am following now:

and here is the output i get after issuing this command.

Osiris · July 23, 2020, 6:42pm

OK, good, sort of. You’ve issued your certificate previously with the --manual option it seems. Without the proper scripts called with --manual-auth-hook (and --manual-cleanup-hook), it is impossible to automatically renew your certificate like this.

If you cannot automate the adding and removing of the challenge tokens, you cannot automatically renew your certificate. This is not something Let’s Encrypt advices: Let’s Encrypt is all about automation.

Do you remember how you previously managed to do the challenges required for validation of your hostname?

kerlosense · July 23, 2020, 6:45pm

Is there any way to reinstall a new certificate easily with auto renewal?

system · August 22, 2020, 6:45pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.