Hi there,
pretty sure this behavior is NOT correct:
everytime i run certbot to renew certificates, it will create -le-ssl.conf files, even though i choose NO REDIRECT.
how to stop this?
Greetings
Hi there,
pretty sure this behavior is NOT correct:
everytime i run certbot to renew certificates, it will create -le-ssl.conf files, even though i choose NO REDIRECT.
how to stop this?
Greetings
There may be some residue of that original request in the renewal.conf
file.
cat /etc/letsencrypt/renewal/*.conf
hi and thx for replying!
Cannot find anything suspicious there,
shall i delete theese files?
Greetings
NO NO NO
Not so fast.
Please show one of the files you are having trouble with.
And the complete command that you run.
# renew_before_expiry = 30 days
cert = /etc/letsencrypt/live/webmail.blox.berlin/cert.pem
privkey = /etc/letsencrypt/live/webmail.blox.berlin/privkey.pem
chain = /etc/letsencrypt/live/webmail.blox.berlin/chain.pem
fullchain = /etc/letsencrypt/live/webmail.blox.berlin/fullchain.pem
version = 0.31.0
archive_dir = /etc/letsencrypt/archive/webmail.blox.berlin
# Options and defaults used in the renewal process
[renewalparams]
installer = apache
authenticator = apache
account = REMOVED
server = https://acme-v02.api.letsencrypt.org/directory
Hmm i susually just run “certbot”.
There is one apache config containing all vhosts:80 for redirection purposed.
When run, certbot would make a -le-ssl.conf version of this file, effectively overriding ALL other config files…
my setup:
one config containing all vhosts with 80 => 443 redirection
seperate configs for each 443 domain
why does certbot let me choose between REDIRECT and NOT REDIRECT but will create a redirect ANYWAY? Did i get something wrong?
I think you are confusion making a second (TLS enabled) config with a redirect.
Redirection says:
“You have reached an HTTP server — but there is no one here, we moved to HTTPS, please connect with us @ HTTPS://this.same.server.name/”
Where (I suspect that) these two files only say:
File #1: “Hi I’m an HTTP server [I can serve you domain(s) x(& y, & z, etc…)]”
File #2: “Hi I’m an HTTPS server [I can serve you domain(s) x(& y, & z, etc…)]”
The second file is created simply to enable an HTTPS “copy” of the HTTP file (within it’s own file).
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.