How renew certificate swag?

jumpman · December 15, 2023, 8:14pm

Hi,

How renew certificate? I use duckdns and swag on docker. I restart the docker mais it doesn't t work.

Thanks for your analysis,

Best regard

Je peux lire des réponses en Anglais :

Mon nom de domaine est :mafoexterieur.duckdns.org

Le système d’exploitation sur lequel mon serveur Web s’exécute est (version incluse) : docker/ open media vaut

rg305 · December 15, 2023, 8:53pm

Hi @jumpman, and welcome to the LE community forum

I'd check to ensure the IP is up-to-date.
Compare results of:

nslookup mafoexterieur.duckdns.org
curl ifconfig.io

If they are the same, then I'd check the NAT/port-forwarding.
Follow the HTTP path to ensure it can reach the proper Docker container.
[ensuring no other system (including the host) is using HTTP]

If HTTP can reach the Docker container, then ensure the web service is working and can respond to HTTP requests.

jumpman · December 15, 2023, 9:55pm

Thanks rg305

OK

I'm sorry but I don't understand what it means

rg305 · December 15, 2023, 9:56pm

If the results of those two commands:

if they return the same IP, then:

So...
What IPs are returned from those commands?

jumpman · December 15, 2023, 10:05pm

Yes It the same IP when I use nslookup and curl

But I d'ont understand the step 2:

rg305 · December 15, 2023, 10:08pm

Do you have a router, or firewall, in front of the server?

jumpman · December 15, 2023, 10:16pm

I use Home assistant and it works fine but today I received a mail because let s encrypt certificate is expired.
So I restart the container swag but now, safari can't establish a secure connection.
I need to open the port 80 for test http//****.mafoexterieur.duckdns.org ?

rg305 · December 15, 2023, 10:19pm

Yes, it seems like all your certs are now expired.
See: crt.sh | mafoexterieur.duckdns.org

MikeMcQ · December 15, 2023, 10:47pm

Only when using the HTTP Challenge. But, you most recently got a wildcard cert which uses the DNS Challenge. So, opening port 80 wouldn't help that. And, your server now is using that latest wildcard cert.

Do you have any detailed logs or error messages from the system that requests your certificates?

jumpman · December 15, 2023, 10:53pm

Certificate exists; parameters unchanged; starting nginx
The cert is either expired or it expires within the next day. Attempting to renew. This could take up to 10 minutes.
<------------------------------------------------->
<------------------------------------------------->
cronjob running on Fri Dec 15 20:18:00 CET 2023
Running certbot renew
/app/le-renew.sh: line 9: certbot: command not found
**** The following active confs have different version dates than the samples that are shipped. ****
**** This may be due to user customization or an update to the samples. ****
**** You should compare the following files to the samples in the same folder and update them. ****
**** Use the link at the top of the file to view the changelog. ****

jumpman · December 15, 2023, 11:04pm

root@e5f0bbe4c8d8:/# certbot renew
bash: certbot: command not found
root@e5f0bbe4c8d8:/# sudo certbot renew
bash: sudo: command not found
root@e5f0bbe4c8d8:/#

the commands was try in swag console but doesn't works

rg305 · December 16, 2023, 12:22am

Please show this file:

jumpman · December 16, 2023, 9:11pm

Hi,
Portainer is probably the problem.
I replace by this in my swag stack docker compose: image: linuxserver/swag:latest
And now it works, I have new certificate.
Thanks for your help

system · January 15, 2024, 9:12pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.