Process for Renewing certificate

My tech person left the company and now the certificate for our subdomain has expired. I’m looking for a step by step procedure/process for a beginner tech person to renew the certificate.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @museumsco,

Welcome to the community forum!

I am unable to connect to It doesn’t appear the webserver on that is running.

$ echo | openssl s_client -connect -servername 2>/dev/null | openssl x509 -noout -issuer -startdate -enddate

$ telnet 443

$ telnet 80

$ nmap -Pn
Starting Nmap 7.70 ( ) at 2019-09-03 11:44 EDT
Nmap scan report for (
Host is up (0.0015s latency).
rDNS record for
Not shown: 999 filtered ports
53/tcp open  domain

Nmap done: 1 IP address (1 host up) scanned in 4.38 seconds

Hi there. I just turned the server on so you should be able to access the website now

Ok, great I can see the old expired cert.

$ echo | openssl s_client -connect -servername 2>/dev/null | openssl x509 -noout -issuer -startdate -enddate
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
notBefore=Mar  7 21:08:52 2019 GMT
notAfter=Jun  5 21:08:52 2019 GMT

Can you type certbot certificates and show the output please? The simplest way to renew is to issue certbot renew per

sorry about the delay. Where do I type in the ‘certbot certificates’ to get the output?

You’ll need to ssh to the server and run the command there.

I just worked on getting the ssh client running on my laptop using Windows 10 but I haven’t figured out how to connect to the server yet. That is why I hoped that there was already a step by step on how to do this.

You’ll want to check out both of these AWS docs. SSH-ing is one of those things that will become rote, don’t worry. Good utils on Windows are PuTTY and standard openssh-client in the Windows Subsystem for Linux.

Thank you for your help. I’m working to get connected and will be back to you when I have an answer for your question

under the tutoring of someone more knowledgeable, I have been able to SSH-ing to get access to a server using PuTTY but without someone to assist me along the way, I am lost. I have generated key pairs but been unable to successfully use them to get access to the server. I am not sure what to do next

1 Like

I meant to say I was working alongside someone more knowledgeable than me in the past. You’ve been a help so far but I think I need more help than you can provide. It would be helpful to share my screen with someone to walk me through the steps once.

1 Like


When the server hosting was initially built, did anyone provide you with documentation about how to access that server? You’ll specifically be looking for an SSH private key. There’s a hint on the EC2 dashboard that may be able to help.

Best of luck.

It is also possible that the only copy of this private key for SSH authentication was on the device of the person who left the company. That’s not particularly unusual.

If so, is there a way to get AWS to override it without rebuilding the server?

Yes there is.
This appears to be an AWS provided automated way of regaining access. I’ve not used it though.

This process is a bit more involved, but has worked for me in the past.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.