Removing certificate from domain:

Completely new to web development.

I’m having an issue where I missed the renewal and the certificate has expired, but now the site gets an un-secure message on browsers. I would like to remove the certificate and just use HTTP rather than the HTTPS so my sites aren’t flagged. I am using Google Cloud, Google Domains and Wordpress.

I also couldn’t get Certbot working through Google Cloud shell.

• Remove any HTTP to HTTPS redirect you have setup in your webserver configuration, if any (e.g. Apache, nginx)
• Remove the port 443 virtual hosts from your web server configuration (e.g. Apache, nginx)
• Update WordPress' Site URL so that it does not use the https:// scheme in its URL - Changing The Site URL « WordPress Codex
• Ensure that your site was not sending the HTTP Strict Transport Security header. If your site was sending this header, then there is nothing you can do to get rid of HTTPS, as visitors' browsers will insist on using a secure connection. Since you have not provided your domain, I can't tell you whether this affects you or not.

It's a much better idea to just keep using HTTPS. We can help you with your Certbot problem, but you'll need to share what the actual problem is (the full output of the Certbot command you used).

I apologize, I’m really new to this and some of this went over my head.

I followed the directions from https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/.

I have attempted to turn off all HTTPS in Google Cloud, and in Google Domains, but the site is still getting the HTTPS error. I would love to fix the Certbot issue, but what information do we need to diagnose the problem?

This is the error I get when I try to follow https://certbot.eff.org/lets-encrypt/debianstretch-nginx and try to install Certbot. This is the result from:

$ sudo apt-get install certbot python-certbot-nginx -t stretch-backports

nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2019-01-29 03:16:04 UTC; 13ms ago
Docs: man:nginx(8)
Process: 17468 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Process: 17466 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)

Jan 29 03:16:03 protog-vm nginx[17468]: nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
Jan 29 03:16:03 protog-vm nginx[17468]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jan 29 03:16:03 protog-vm nginx[17468]: nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
Jan 29 03:16:04 protog-vm nginx[17468]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jan 29 03:16:04 protog-vm nginx[17468]: nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
Jan 29 03:16:04 protog-vm nginx[17468]: nginx: [emerg] still could not bind()
Jan 29 03:16:04 protog-vm systemd[1]: nginx.service: Control process exited, code=exited status=1
Jan 29 03:16:04 protog-vm systemd[1]: Failed to start A high performance web server and a reverse proxy server.
Jan 29 03:16:04 protog-vm systemd[1]: nginx.service: Unit entered failed state.
Jan 29 03:16:04 protog-vm systemd[1]: nginx.service: Failed with result ‘exit-code’.
dpkg: error processing package nginx-full (–configure):
subprocess installed post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of nginx:
nginx depends on nginx-full (<< 1.14.1-1~bpo9+1.1~) | nginx-light (<< 1.14.1-1~bpo9+1.1~) | nginx-extras (<< 1.14.1-1~bpo9+1.1~); however:
Package nginx-full is not configured yet.
Package nginx-light is not installed.
Package nginx-extras is not installed.
nginx depends on nginx-full (>= 1.14.1-1~bpo9+1) | nginx-light (>= 1.14.1-1~bpo9+1) | nginx-extras (>= 1.14.1-1~bpo9+1); however:
Package nginx-full is not configured yet.
Package nginx-light is not installed.
Package nginx-extras is not installed.

First try:
sudo apt-get update

Then:
sudo apt-get install certbot python-certbot-nginx -t stretch-backports

Maybe even:
sudo apt-get upgrade

As a last resort, try “apt” wherever you see “apt-get”.

If you’re using Bitnami you probably don’t want python-certbot-nginx from apt, as that will try to pull in nginx from the apt repository as a dependency which will conflict with the nginx that comes with Bitnami.

The tutorial you linked describes two different procedures. The first one is new to me; I guess it must have been added after I last looked there. It seems to be supported by Bitnami so if you used it you might consider asking their support or forums for help. If you followed the second method using lego, you can attempt a manual renewal by following the first part of step 5.

Ok I’ve been reading up more about this and Bitnami doesn’t seem to support certbot. I’m going to attempt the lego process and see if I have better results. Was really hoping to use Certbot as it seems easier to maintain.

I think the issue I’m facing is that there was already a certificate that I issued for this domain, and it expired. Now I feel like I’m trying to issue another certificate for the same domain and that is why it’s failing. It’s not working with the Lego client either.

Could you post the exact error message from Lego?

Before I jump into the “you must upgrade” certbot.
What version is cerbot?
certbot --version

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.