Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:haslv.com
I ran this command: ```
sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly
It produced this output:
bitnami@ip-172-26-13-6:~$ sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challe
nges dns certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you
requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/haslv.com.conf)
What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):
My web server is (include version): Apache/2.4.41 (Unix)
The operating system my web server runs on is (include version):Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-1102-aws x86_64)
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): NO
The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot): not sure ?
Problem: Certificate expired over the weekend. I renewed it and seemed to work. A couple of hours later, I tried it on another computer and it show expired. I checked the DNS TXT record and tried to re-enter it. But, I dont know the value for the second record. So, I am dead in the water until I get the two acme-challenge values to enter into the DNS. Where can I view the challenges now?
I am using Bitnami approach. Certbot was installed via Bitnami documentation and has worked until I tried to renew an expired certificate. Now, if I issued the command to manually renew I dont see the acme-challenges anymore.
sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly
If you really want to use Certbot, you need to identify where Bitnami is reading its certificates from:
grep -r sslcertificatefile /opt/bitnami/apache2
and make sure it (and the key file) points to the the renewed certificate in Certbot (/etc/letsencrypt/live/haslv.com/fullchain.pem and privkey.pem, respectively).