My certificate did not updated automatically and now is expired. i tried certbot renew failed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: a1astudios.tk

I ran this command: certbot renew

It produced this output: all renewal attempts failed.

Error 526 Ray ID: 669f46246be0170c • 2021-07-05 08:37:54 UTC

My web server is (include version): ubuntu 18.054.5 LTS

The operating system my web server runs on is (include version): GNU/Linux 4.15.0-135-generic x86_64

My hosting provider, if applicable, is: Vultr

I can login to a root shell on my machine (yes or no, or I don't know): yes login ok

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): bash

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.15.0

Hello,

To fix this, you will want to:

  1. (Temporarily) set your Cloudflare SSL mode to "Flexible". See this article.
  2. Post the full error message from Certbot.
2 Likes

Hello there and thank you for helping

I set Cloudflare SSL to Flexible

run command Certbot renew

certbot renew

Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/a1astudios.tk.conf


Cert is due for renewal, auto-renewing...

Plugins selected: Authenticator nginx, Installer nginx

Renewing an existing certificate

Performing the following challenges:

http-01 challenge for a1astudios.tk

http-01 challenge for www.a1astudios.tk

Waiting for verification...

Cleaning up challenges


new certificate deployed with reload of nginx server; fullchain is

/etc/letsencrypt/live/a1astudios.tk/fullchain.pem



Congratulations, all renewals succeeded. The following certs have been renewed:

/etc/letsencrypt/live/a1astudios.tk/fullchain.pem (success)


tried loading site on google

GETTING this ERROR

This page isn’t working

a1astudios.tk redirected you too many times.

ERR_TOO_MANY_REDIRECTS


cleared cache already

PLEASE ADVICE

GIULIANO CAVALLO

Try set Cloudflare back to "Full".

Your site should start working after a few minutes.

Then, try:

certbot renew --dry-run
1 Like

Thank you _az The site is back and everything looks normal. in the future, I should run the Certbot renew 30 days before expiration? sorry for the stupid question but I'm new to bash and Cloudflare.

Thank you for helping me to resolve this issue that is so vital for websites and people I trained with vultr and Nginx

warm regards

giuliano cavallo
a1astudios.tk

Ordinarily, your Certbot installation will have come with a scheduled task to perform renewal. It usually runs twice a day, renewing all certificate which are less than 30 days from expiry.

To make sure that you have one, you can try follow the instructions here.

Generally, you shouldn't have to run Certbot to renew your certificates. It should just happen automatically.

To make 100% sure, does a test renewal succeed?

sudo certbot renew --dry-run

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.