Issues with renewing a certificate


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: crm.biotum.ru
My web server is (include version) nginx/1.14.0
The operating system my web server runs on is (include version): CentOS7

I can login to a root shell on my machine (yes or no, or I don’t know): yes

Hello everyone!
I’ve encountered one issue of getting a new certificate for my site. Usually I use the ‘sslforfree’ site to generate and obtain new certificates. But since last week all my attempts of getting the new cert have been failed. Every time I am getting the old one. I also have tried to get the new certificate with the certbot, but the result the same as described above. What’s the problem can it be? How can I resolve it?
Thank you in advance.


#2

Probably, the issue is that your server is not using the new certificate that you’re creating. You’ve definitely created 4 new certificates for that domain in the last week.

So, the next step is to figure out why your new certificates are not being loaded into nginx.

Maybe we can begin:

service nginx reload
nginx -t
grep -RE "ssl_certificate" /etc/nginx

and make sure that you’re updating the certificate file referenced by nginx, with your renewed certificate.


#3

Try listing the certs:
certbot certificates

If the new cert is there, then do as @_az recommended.


#4

I entered ‘certbot certificates’ and I got a list of certificates. There is the certificate. I tested all of paths to the cert and tested the nginx. It’s all ok, but it doesn’t work eventually. I think it’s only a problem of the nginx, so I’ll try to find and fix it. Thank you for your help! Now I know where I should move to.


#5

Your welcome.
You can “test” your nginx config with:
nginx -t