Problem with certificate has expired

Hi,

I have a problem regarding the renewal of a certificate with certbox.
I renewed the certificate with
certbot certonly --standalone -d academy.cl-ops.it --break-my-certs

and I checked the renew with certbot renew --dry-run:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/academy.cl-ops.it.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for academy.cl-ops.it
Waiting for verification...
Cleaning up challenges

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/academy.cl-ops.it/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/academy.cl-ops.it/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)

If I do certbot certificates and check the live's directory:

So I restarted my 2 containers (web server) but the certificate in browsers is still expired on 03/05/2022

My domain is: academy.cl-ops.it

My web server is (include version): I'm using 2 docker containers, one for moodle, one for mariadb

The operating system my web server runs on is (include version): ubuntu 20.04LTS

I can login to a root shell on my machine (yes or no, or I don't know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.40.0

What's the problem?
Thanks

Hi @cl-emanuele-ferrara, and welcome to the LE community forum :slight_smile:

Let's start unraveling this mystery with the output of:
apachectl -t -D DUMP_VHOSTS

1 Like

I @rg305, thanks!

I don't use apache, in fact the output is:

I use two docker containers

Your websites headers care to differ:

Date: Thu, 16 Jun 2022 12:06:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 16 Jun 2022 10:56:52 GMT
ETag: "2aa6-5e18e7ed3b652-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3138
Content-Type: text/html
2 Likes

Is this the correct IP?:

Name:    academy.cl-ops.it
Address: 139.59.207.238
1 Like

Yes, It is

Well then, I'm confused.
You say you don't use apache and show an output of apache running on port 80.
[which matches the headers returned from that IP]

You say you run two docker containers (web server) - but don't explain exactly how that is relevant, nor which "web server" is being used.

The problem you present "the certificate in browsers is still expired on 03/05/2022" requires a bit more detail.

  1. What is a URL that shows this expired cert?
  2. Which program/software provides the "service" at that URL?
1 Like

I'm sorry, I'm confused too...

I am using a container for moodle application, a container for MariaDB database.

  1. https://academy.cl-ops.it
  2. Moodle (?)

OK.
I think the problem is Moodle.
[which is not set to pickup the renewed cert automatically]
How did you install the certificate into Moodle?
Did you follow a guide?

1 Like

Moodle is on 443, not 80.

I install the certificate by the official guide of Certbox for Digital Ocean (the server is a machine by digital ocean)

Please share it with us.

A post was split to a new topic: Expired Cert - AWS Lightsail