Renew an already expired certificate

Hello,

I have a one-click wordpress site that is hosted through DigitalOcean. When I initially created the droplet with the wordpress install, I was asked if I wanted to secure the site vie certbot/LetEncrypt. I selected Yes. Everything was working perfectly…for 90 days. I was under the impression that it had auto-renew turned on. I’ve never had this happen to any of the other sites I have secured through certbot. They have always auto renewed. Anyways I looked around the community and couldn’t find an answer to my problem. I have tried removing certbot, renewing, deleting my expired certificate, and none of it seems to work. Every time I try to renew or generate a new certificate, I get errors. (shown below) Any help is appreciated. All I am trying to do is renew an already expired certificate.

My domain is: www.phdesigns.io

I ran this command: sudo certbot renew, certbot delete

It produced this output:


Attempting to renew cert (phdesigns.io) from /etc/letsencrypt/renewal/phdesigns.io.conf produced an unexpected error: Failed authorization procedure. phdesigns.io (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://phdesigns.io/.well-known/acme-challenge/Uhci4BS3sHaCre72o59Ag4SkSWOM6dBqOywhB7RJg9E [164.90.149.88]: “\n\n<html lang=“en-US” class=“no-js”>\n\n\n\t<meta ch”. Skipping.

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/phdesigns.io/fullchain.pem (failure)
/etc/letsencrypt/live/www.phdesigns.io/fullchain.pem (failure)


(I’ve also made sure and triple checked my AA records and all are pointing to the servers correct IP address.)

My web server is (include version): apache 2.4.29

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0

1 Like

Hi @aceington

if that command doesn’t work, Certbot may not understand your config.

What says

apachectl -S

Every combination of port and domain name must be unique. If you see duplicated entries -> fix that.

2 Likes

AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1. Set the ‘ServerName’ directive globally to suppress this message
VirtualHost configuration:
*:443 phdesigns.io (/etc/apache2/sites-enabled/000-default-le-ssl.conf:2)
*:80 phdesigns.io (/etc/apache2/sites-enabled/000-default.conf:4)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33


I haven’t edited any config files. I’ve just kept them the way they were installed from DigitalOcean One-Click Wordpress. I haven’t changed IP’s or updated any firewall setting either.

1 Like

@JuergenAuer

Is here is my output when I type command: apachectl -S


AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1. Set the ‘ServerName’ directive globally to suppress this message
VirtualHost configuration:
*:443 phdesigns.io (/etc/apache2/sites-enabled/000-default-le-ssl.conf:2)
*:80 phdesigns.io (/etc/apache2/sites-enabled/000-default.conf:4)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33


It looks like the ports and domain names are all unique. Also I added:


ServerName localhost


to my apache2.conf file

It’s still not allowing me to renew and I’m still getting the same acme authorization error. Is there anyway I can remove all certificates, delete/revoke, and just generate new certificates? I havent touched any config files since the initial WordPress install…thanks for your help.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.