Remove letsencrypt incorrect webmin certificate on copied server image


#1

Hi All,

I have created a test cloud server from an image of the live server.

The problem I have is how do I remove the live certificate from the test server and recreate it for the test server.

Wayne


#2

If they are going to be using the same FQDNs, then you are done: They both have a valid cert.
So, I suspect that you are not going to be using the same FQDN.
On the test server run:
certbot delete
which should prompt you in the right direction.


#3

You’re asuming @wdrussell even uses certbot. However, @wdrussell should have provided us with much more information besides the 37 words he used right now.


#4

Hi,

Yes I am using certbot but because the original image is used to create a test server- the dns of the test server is different (certificate (Invalid)).

So I assume I could replace the existing incorrect ssl certificate on the test server but not sure how to do that.

Any help would be very much appreciated.

If there is anything else you need to know please let me know.

Wayne


#5

You can use certbot to delete the current cert and also to issue it a new and properly named cert.


#6

Hi,

I have used certbot to delete the original certificate from the test server.

In webmin “SSL Encryption” still points to the old server

Details of current certificate
Domain name dabd3e0.online-server.cloud Additional domains dabd3e0.online-server.cloud

with files /etc/webmin/letsencrypt-key.pem
/etc/webmin/letsencrypt-ca.pem

The test server is at http://f7781ae.online-server.cloud/

When I request new certificate in webmin I get:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for f7781ae.online-server.cloud
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
There were too many requests of a given type :: Error finalizing order :: too many certificates already issued for: online-server.cloud: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.

Wayne


#7

The domain online-server.cloud is not a recognized public domain; So it is subject to the normal domain rate limits (https://letsencrypt.org/docs/rate-limits/).

You could use a domain found in the PSL (https://publicsuffix.org/list/) [many of which are provided for free by DDNS services].


#8

Hi,

The issue may be related to the fact that /etc/webmin/letsencrypt-key.pem is already saved for the for the original server image and it is not deleted.

Wayne


#9

Hi,
The domain for the test server is f7781ae.online-server.cloud

$ ping f7781ae.online-server.cloud returns:

PING f7781ae.online-server.cloud (77.68.76.112) 56(84) bytes of data.
64 bytes from 77.68.76.112: icmp_seq=1 ttl=54 time=23.2 ms

I have setup the live server this way and that appears ok.

Wayne


#10

The request new certificate is now working on the test server.