That looks good [even thou it is an expired certificate].
OK, we need to delete the "-0001" certificate.
But first...
Where are you using the certificate?
I see nginx
.
Let's try:
nginx -T | grep -i nurturehq.com
That looks good [even thou it is an expired certificate].
OK, we need to delete the "-0001" certificate.
But first...
Where are you using the certificate?
I see nginx
.
Let's try:
nginx -T | grep -i nurturehq.com
The output is
[root@li810-70 ~]# nginx -T | grep -i nurturehq.com
nginx: invalid option: "T"
hmm...
That is a very old version of nginx
Try:
grep -Eri nurturehq.com /etc/nginx
The output is:
[root@li810-70 ~]# grep -Eri nurturehq.com /etc/nginx
/etc/nginx/conf.d/nurtureclient.conf: if ($host = www.nurturehq.com) {
/etc/nginx/conf.d/nurtureclient.conf: server_name *.nurturehq.com;
/etc/nginx/conf.d/nurtureclient.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com-0001/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurtureclient.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com-0001/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurtureclient.conf: server_name *.nurturehq.com ;
/etc/nginx/conf.d/nurturesite.conf.nonworking: server_name nurturehq.com;
/etc/nginx/conf.d/nurturesite.conf.nonworking: rewrite ^(.*) https://www.nurturehq.com$1 permanent;
/etc/nginx/conf.d/nurturesite.conf.nonworking: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurturesite.conf.nonworking: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturesite.conf.nonworking: server_name www.nurturehq.com;
/etc/nginx/conf.d/nurturesite.conf.old: server_name nurturehq.com;
/etc/nginx/conf.d/nurturesite.conf.old: # server_name www.nurturehq.com;
/etc/nginx/conf.d/nurturesite.conf.old: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurturesite.conf.old: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturesite.conf.old: if ($host = nurturehq.com) {
/etc/nginx/conf.d/nurturesite.conf.old: server_name nurturehq.com;
/etc/nginx/conf.d/nurturewebsite.conf: server_name nurturehq.com;
/etc/nginx/conf.d/nurturewebsite.conf: rewrite ^(.*) https://www.nurturehq.com$1 permanent;
/etc/nginx/conf.d/nurturewebsite.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurturewebsite.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturewebsite.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurturewebsite.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturewebsite.conf: server_name www.nurturehq.com;
/etc/nginx/conf.d/nurtureclient_stage.conf: server_name sclient.nurturehq.com ;
/etc/nginx/conf.d/nurtureclient_stage.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurtureclient_stage.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/phpmyadmin.conf: server_name mysql.nurturehq.com ;
/etc/nginx/conf.d/phpmyadmin.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/phpmyadmin.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturecockpit.conf: server_name cockpit.nurturehq.com;
/etc/nginx/conf.d/nurturecockpit.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurturecockpit.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturesite.conf.back: server_name nurturehq.com;
/etc/nginx/conf.d/nurturesite.conf.back: rewrite ^(.*) https://www.nurturehq.com$1 permanent;
/etc/nginx/conf.d/nurturesite.conf.back: server_name www.nurturehq.com;
/etc/nginx/conf.d/nurturewebsite.conf.http: server_name nurturehq.com;
/etc/nginx/conf.d/nurturewebsite.conf.http: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurturewebsite.conf.http: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturewebsite.conf.http: server_name nurturehq.com;
/etc/nginx/conf.d/default.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/default.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/opcache.nurturehq.conf: server_name opcache.nurturehq.com;
/etc/nginx/conf.d/opcache.nurturehq.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/opcache.nurturehq.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com/privkey.pem; # managed by Certbot
/etc/nginx/conf.d/nurturesite.conf.bk: server_name nurturehq.com;
/etc/nginx/conf.d/nurturesite.conf.bk: rewrite ^(.*) https://www.nurturehq.com$1 permanent;
/etc/nginx/conf.d/nurturesite.conf.bk: server_name www.nurturehq.com;
/etc/nginx/conf.d.kk/nurtureclient.conf: if ($host = www.nurturehq.com) {
/etc/nginx/conf.d.kk/nurtureclient.conf: server_name *.nurturehq.com;
/etc/nginx/conf.d.kk/nurtureclient_stage.conf: server_name sclient.nurturehq.com ;
/etc/nginx/conf.d.kk/phpmyadmin.conf: server_name mysql.nurturehq.com ;
/etc/nginx/conf.d.kk/nurturecockpit.conf: server_name cockpit.nurturehq.com;
/etc/nginx/conf.d.kk/nurturesite.conf.back: server_name nurturehq.com;
/etc/nginx/conf.d.kk/nurturesite.conf.back: rewrite ^(.*) https://www.nurturehq.com$1 permanent;
/etc/nginx/conf.d.kk/nurturesite.conf.back: server_name www.nurturehq.com;
/etc/nginx/conf.d.kk/nurturesite.conf: server_name nurturehq.com;
/etc/nginx/conf.d.kk/nurturesite.conf: rewrite ^(.*) https://www.nurturehq.com$1 permanent;
/etc/nginx/conf.d.kk/nurturesite.conf: server_name www.nurturehq.com;
/etc/nginx/conf.d.kk/opcache.nurturehq.conf: server_name opcache.nurturehq.com;
OK, only one file is using the "-0001
" version:
/etc/nginx/conf.d/nurtureclient.conf: ssl_certificate /etc/letsencrypt/live/nurturehq.com-0001/fullchain.pem; # managed by Certbot
/etc/nginx/conf.d/nurtureclient.conf: ssl_certificate_key /etc/letsencrypt/live/nurturehq.com-0001/privkey.pem; # managed by Certbot
Please edit that file and remove both of the "-0001
" text.
Also, please show:
grep -i include /etc/nginx/nginx.conf
Did the changes and the output of seconf command is:
[root@li810-70 ~]# grep -i include /etc/nginx/nginx.conf
include /etc/nginx/mime.types;
include /etc/nginx/conf.d/*.conf;
That's perfect!
What is the next step now
OK, now let's delete the "bad" certificate, with:
/opt/certbot/certbot delete --cert-name nurturehq.com-0001
Then reshow:
/opt/certbot/certbot certificates
[skipped the step where we aren't going to use "-auto" anymore]
Not able to delete it. THe output showing as below
[root@li810-70 ~]# /opt/certbot/certbot delete --cert-name nurturehq.com-0001
-bash: /opt/certbot/certbot: is a directory
OK wrong path [my bad]
try:
which certbot
It has to be one of those - LOL
Not showing.The output is as below
[root@li810-70 ~]# which certbot
/usr/bin/which: no certbot in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
I tries with "auto" and the output is as below:
[root@li810-70 ~]# /opt/certbot/certbot-auto certificates
Your system is not supported by certbot-auto anymore.
certbot-auto and its Certbot installation will no longer receive updates.
You will not receive any bug fixes including those fixing server compatibility
or security problems.
Please visit https://certbot.eff.org/ to check for other alternatives.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Found the following certs:
Certificate Name: nurturehq.com-0001
Serial Number: 438515db426429b2e269c219e5e08fb8901
Key Type: RSA
Domains: *.nurturehq.com
Expiry Date: 2022-08-31 05:34:32+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/nurturehq.com-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/nurturehq.com-0001/privkey.pem
Certificate Name: nurturehq.com
Serial Number: 438515db426429b2e269c219e5e08fb8901
Key Type: RSA
Domains: *.nurturehq.com
Expiry Date: 2022-08-31 05:34:32+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/nurturehq.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/nurturehq.com/privkey.pem
Try:
/opt/certbot/certbot-auto delete --cert-name nurturehq.com-0001
Then, let's find the working certbot
, with:
/opt/eff.org/certbot --version
/opt/letsencrypt/certbot --version
This is the output of all the three commands:
[root@li810-70 ~]# /opt/certbot/certbot-auto delete --cert-name nurturehq.com-0001
Your system is not supported by certbot-auto anymore.
certbot-auto and its Certbot installation will no longer receive updates.
You will not receive any bug fixes including those fixing server compatibility
or security problems.
Please visit https://certbot.eff.org/ to check for other alternatives.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The following certificate(s) are selected for deletion:
Are you sure you want to delete the above certificate(s)?
(Y)es/(N)o: y
Deleted all files relating to certificate nurturehq.com-0001.
[root@li810-70 ~]# /opt/eff.org/certbot --version
-bash: /opt/eff.org/certbot: is a directory
[root@li810-70 ~]# /opt/letsencrypt/certbot --version
-bash: /opt/letsencrypt/certbot: is a directory
[root@li810-70 ~]#
hmm...
We still haven't found certbot
!
Does your system use yum
for updates?
i never tried to update it before