Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Date has been checked on the mac, ssl labs return an invalid cert however it has been renewed on Friday 16, line command sudo certbot renew --dry-run return a valide cert
You also got a cert back in December but your Apache server is using the one you got in November. So something has gone wrong for a while. Maybe you just need to reload Apache?
Ok reloading Apache seems to solve the problem, Chrome is ok now. Thank you again for your precious help. Additional question is there a simple way to auto renew the certificate ? a command line ? i've justt install homebrew on the mac
If you show us the conf file in /etc/letsencrypt/renewal folder for that cert we can give specific advice. You may just need to add a --deploy-hook to reload apache. But, doing a graceful reload every day (or week) is fine too.
All "reconfigure" does is update the renewal conf file. If you want take a backup before hand but this should add just one line to that file. That's it
Hi community, i'm a bit in trouble now with the installation : here is what i've done
switch to zsh in terminal as requested by the app
sudo certbot certificates give that
sudo apachectl -t -D DUMP_VHOSTS give that
i suppose i have to install certbot 0.39.0 distribution with homebrew
Install Certbot
Run this command on the command line on the machine to install Certbot.
brew install certbot
Out of curiosity, is your Apache not already soft-restarted periodically in order to rotate logs? Or are your Apache logs just ever-growing with no rotation? Or are you using "piped log" functionality so logs can be rotated without Apache soft-restarting?
I've never had to restart Apache due to an expired certificate, or manually set up automatic restarts... daily soft/graceful restarts via logrotate was always the norm for me, until I switched logrotate to weekly, and even then, I still tend to get multiple restarts per week due to it insisting on rotating different logs on different days.
I also have my Apache child processes set so each one self-terminates after 10K connections, in order to limit possible memory leaks
so it surprises me to see a scenario where Apache child processes are left running for months
Hello and thank you catharsis for this feedback I don't think the Apache is restarted periodically, I restart it manually when necessary. I took over this installation previously managed by another Tech and I am new to these processes. I switched the terminal back to /bin/bash and run these commands:
certbot -l
certbot -e
sudo certbot renew —dry-run —cert-name bap.a3a-architecture.fr
on the last one, the result seems ok to me here are my results, so I assume the certificate is active
According to your comments my question is how to set multiple Apache’s restarts per week ?
For the certbot 0.39.0 it is what is asked for in the previous shell