I have configured Let’s Encrypt. My certificate expired on 30th July 2020. It should be renewal automatically using cronjob but it didn’t happened.
- Due to some security reasons i have changed cron job default permissions. Is this stopped my renewal.
drwxr-xr-x 2 root root 4096 May 27 12:36 cron.d/
drwxr-xr-x 2 root root 4096 Jun 8 22:05 cron.daily/
drwxr-xr-x 2 root root 4096 May 27 11:14 cron.hourly/
drwxr-xr-x 2 root root 4096 May 27 12:36 cron.monthly/
-rw-r–r-- 1 root root 1042 Feb 14 02:14 crontab
drwxr-xr-x 2 root root 4096 May 27 12:40 cron.weekly/
drwx------ 2 root root 4096 May 27 12:36 cron.d/
drwx------ 2 root root 4096 Jun 8 22:05 cron.daily/
drwx------ 2 root root 4096 May 27 11:14 cron.hourly/
drwx------ 2 root root 4096 May 27 12:36 cron.monthly/
-rw------- 1 root root 1042 Feb 13 20:44 crontab
drwx------ 2 root root 4096 May 27 12:40 cron.weekly/
- I am using AWS EC2 Instance, due to some reasons my IP Address has been changed. Is this impact on my renewal.
i need root cause of this issue.
could please reply me on this.
What acme client are you using?
I am using Certbot Client in Ubuntu 20.04.
$ ll /etc/cron.d
-rw-r–r-- 1 root root 775 Sep 14 2018 certbot
ok, what does
certbot certificates say?
and then, check the logs for a reason why renewal fails,
eventually, check the systemd timer:
systemctl list-timers --all
Actually, I have resolved the issue but i didn’t find the route cause of this issue.
I need clarity on this.
Suppose, in future IP address may be changed or may not. For which reason my renewal was stopped due to ip address or else cron job.
help me to sort out the root cause.
the ip address of your machine isn't relevant. Normally, it's the ip of the domain you want to create a certificate.
But if you use dns validation, you can run the client on another machine. Then you may have trouble to install the certificate.
So: Nobody knows your setup, nobody knows an answer.
Ok Got it.
Present i have renewed the my certificate and next time my renewal process will go smoothly using cron job.
For your reference screenshot is below.
please have a look and let me know.
Thanks @JuergenAuer for your support.
the systemd timer output is below:
**systemctl list-timers --all**
Check in two months if the renew has worked.
Okay sure i will monitor it.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.