How to renew cert when it is past the expiration

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
portal.spl-inc.com

I ran this command:
No input, it did not auto renew

It produced this output:
The authentication to the server is no longer occurring

My web server is (include version):
server: nginx/1.27.4

The operating system my web server runs on is (include version):
|Distributor ID:|Ubuntu|
|Description:|Ubuntu 20.04.3 LTS|
|Release:|20.04|
|Codename:|focal|

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
No output

Is there a way to reset the certificate when it is usually done automatically? The certificate location on the server seems to not be in a normal location. If I do a Certbot install and go that route, will this interfere with the automated process?

Thank you!

Jason

2

What "automated process" do you refer to?

3

The certification renewal automation. I might have the wrong jargon here and I apologize.

4

Sure, but something has to do that. Certificates don't come just out of thing air into existence. An ACME client, such as Certbot (but there are many other ACME clients out there), needs to actually request such a certificate before it gets issued.

So if you're not using Certbot, then what was automatically getting the certificates for you?

1 Like
5

We use Lets Encrypt with Traefik to automate the cert renewals. I beileve traefik tracks those cert expirations and starts the renewal process.

I also want to apologize for my ignorance, I am new to this world and I appreciate you working with me.

6

I personally don't have any experience with Traefik.

You should try to find some kind of log which should be able to tell you some kind of error message, if there is any.

Maybe other volunteers can help you further with regard to Traefik.

1 Like
7

time="2025-04-03T15:14:14Z" level=error msg="Error renewing certificate from LE: {portal.spl-inc.com }, error: one or more domains had a problem:\n[portal.spl-inc.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 104.43.165.167: Invalid response from http://portal.spl-inc.com/.well-known/acme-challenge/E_b2wGj4nxLfz75yjZoCiCq3PYWmFdSoma_-Hvsq4Y4: 404\n" providerName=le.acme
time="2025-04-03T15:14:24Z" level=error msg="Cannot retrieve the ACME challenge for token AgnzeLZ8kmqope1OtAvI_iBYGTTXm3-MajPezStVcBY: cannot find challenge for token AgnzeLZ8kmqope1OtAvI_iBYGTTXm3-MajPezStVcBY" providerName=acme

Here are some logs that have brought me to this point.