Recreate Cert after deleting the expired Cert


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: delivery.lymousine.com

I ran this command:

./letsencrypt-auto certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log


No certs found.

./letsencrypt-auto certonly -d delivery.lymousine.com

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?

1: Apache Web Server plugin - Beta (apache)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)

Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel): 2
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for delivery.lymousine.com
Cleaning up challenges
Problem binding to port 443: Could not bind to IPv4 or IPv6.

My web server is (include version):
I am not running apache webserver
I am running nodejs server.

The operating system my web server runs on is (include version):
ubuntu 17.04 zesty

My hosting provider, if applicable, is:
azure

I can login to a root shell on my machine (yes or no, or I don’t know):

Yes root access is there

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

You’re trying to run this in standalone mode, but you already have a server running on the https port so the standalone authenticator can’t run. Is there a particular reason you’re using standalone?

If so, you’ll need to temporarily stop whatever is listening on 443. This can be achieved with the --pre-hook and --post-hook flags.


#3

Hi,

As @jared.m said. If you are using standalone mode, you probably need to stop your current Apache server first. (Since it’s going to temporarily setup a server for verification)

If you don’t wish to set up that server, you can use Apache(edit your current Apache config to comply with verification) or webroot (use another directory to verify the certificate and deploy to your current directory)

Thank you


#4

I’m curious to see what version you have…
./letsencrypt-auto --version


#5

./letsencrypt-auto --version
certbot 0.23.0


#6

./letsencrypt-auto certonly -a webroot --webroot-path=/opt/app/lymoenterprise/ -d delivery.lymousine.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for delivery.lymousine.com
Using the webroot path /opt/app/lymoenterprise for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. delivery.lymousine.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://delivery.lymousine.com/.well-known/acme-challenge/-Db5RKi1L3950A19DqjZ5mnI-vwrmiuU5G1ZNvmNkpk: "

404 Not Found

Not Found

<p"

IMPORTANT NOTES:


#7

Thanks guys,

I fixed it;

by running

./letsencrypt-auto -d delivery.lymousine.com --authenticator manual certonly

followed the steps

and got it.

thanks again


#8

Note that this won’t allow automated renewals. You’ll have to repeat the manual process every time you want to renew the certificate.

The other methods that people suggested here (if properly debugged) can support automated renewal.


#9

Thanks guys,

This did the trick

./letsencrypt-auto -d delivery.lymousine.com --authenticator manual certonly

the option **–**authenticator did the trick.

thanks again for the support.


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.