Let's Encrypt certificate expiration notice for domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: pahadilocal.com

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: digitalocean

I can login to a root shell on my machine (yes or no, or I don’t know): no

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): digitalocean but development team look into that and I am not aware how to do that. kindly help how to renew this.

Hello,

Your certificate (or certificates) for the names listed below will expire in 19 days (on 01 Jan 19 16:57 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.

We recommend renewing certificates automatically when they have a third of their
total lifetime left. For Let’s Encrypt’s current 90-day certificates, that means
renewing 30 days before expiration. See
https://letsencrypt.org/docs/integration-guide/ for details.

For any questions or support, please visit https://community.letsencrypt.org/. Unfortunately, we can’t provide support by email.

You need to identify how the certificate was issued initially, to understand how it should be renewed.

For example,

find /etc/letsencrypt/renewal
grep -Ri ssl_certificate /etc/nginx

etc

Until recently, you were apparently renewing the certificate every 60 days:

https://crt.sh/?q=%pahadilocal.com

Either you had an extremely punctual colleague renewing it by hand, or your ACME client was renewing it automatically but recently stopped working.

Dear Team,

What is the solution for this kindly advice. Bcs this is new platform for me.

Warm Regards,

Chandresh Suvarna

Assistant Manager - IT

In order to resolve this problem, we need to know more about your hosting and software environment, ideally including how the certificate was originally issued. Let’s Encrypt can be used in many different software environments and the details of how to diagnose and fix problems are quite different depending on the software that’s used to administer the web site and to obtain the certificate.

Using digital ocean server.

backend is a rails server

ruby environment installed

front-end is ember

how the certificate was originally – developer installed it but now he left organisation.

Warm Regards,

Chandresh Suvarna

Assistant Manager - IT

Thanks for that information. When I connect to your server, I additionally see the web header

Server: nginx/1.13.8

Do you know if this nginx 1.13.8 is running directly on your Digital Ocean instance? Is it perhaps passing requests to the Ruby application via CGI, WSGI, a proxy_pass directive, or similar?

It appears that the nginx server is actually responsible for the HTTPS service (we would say that it “terminates TLS connections”) even if the web application is written using Ruby tools. So probably the necessary steps will involve updating the certificate that’s used by nginx.

Can you see if this is the case? If so, perhaps you have configuration files within /etc/nginx/sites-enabled (or another nginx configuration directory) that contain ssl_certificate and ssl_certificate_key files? If so, can you see what files these directives refer to? That might help in identifying what software was originally used to issue your certificate.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.