Renew command terminal


#1

Please see:

With which command in terminal I can renew the certificate?

Thank you for the answer,

Best regards,

John


#2

Hi @Johnletsencrypt

you can use the same command. Or

certbot renew

But don’t forget to open your router.


#3

When I type this command, I get the following message:

Command ‘certbot’ not found, but can be installed with:

sudo apt install certbot

Pleas ask your administrator

I used the instal snap nextcloud on ubuntu. So there also is ‘cron’?

What can I do?


#4

Check your first topic:

Certbot = Letsencrypt = certbot-auto.

You have an installation with “Letsencrypt”, so use that. The code is the same, but the starting points are different.


#5

Maybe kind of stupid but I am a beginner and I don’t know what to do after your reply.
Is the command: letsencrypt renew?
Or should I start with: sudo nextcloud.enable-https lets-encrypt?..and after that letsencrypt renew?


#6

Yes. If I use “certbot”, then replace this with “letsencrypt”.


#7

I did open the router port 80, also on the computer. Commands as rootuser.
Did letsencrypt renew: the reaction: no renewals were attempted

I installed certbot and certbot renew… then the same reaction.

I have tried several times.

What could be the solution?

Ohh…When I look now at ssl servertest I see that the certificate is renewed!!


#8

Your port 80 doesn’t answer. But your https / www - version works:

http://onderwegnaarmorgen.com/ -14 10.030 T
Timeout - The operation has timed out
http://www.onderwegnaarmorgen.com/ -14 10.027 T
Timeout - The operation has timed out
https://www.onderwegnaarmorgen.com/ 302 https://www.onderwegnaarmorgen.com/index.php/login 0.724 A
https://onderwegnaarmorgen.com/ 400 0.943 N
Bad Request
Certificate error: RemoteCertificateNameMismatch
https://www.onderwegnaarmorgen.com/index.php/login 200 0.157 A
http://onderwegnaarmorgen.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de -14 10.023 T
Timeout - The operation has timed out
http://www.onderwegnaarmorgen.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de -14 10.024 T
Timeout - The operation has timed out

And your certificate is new:

CN=www.onderwegnaarmorgen.com
21.11.2018
19.02.2019
www.onderwegnaarmorgen.com - 1 entries

Perhaps you should create one certificate with both domain names (www + non-www) and use that. The non-www version has the wrong certificate and throws an 400 error.


#9

I have renewed the certificate with the command:
sudo nextcloud.enable-https lets-encrypt
After this renew I have directly closed port 80 again in my router and computer.
Whats the advantage to have a domain with non-www?
Thank you for your help.


#10

If you have a public domain with extern users:

Then every domain name you have defined in your dns settings should answer via port 80 and port 443 without any error.

So you have 2 domain names and 2 protocols -> 4 combinations (http + non-www, http + www, https + non-www, https + www), all should answer correct, three with a 301 redirect, one https with a http status 200.

If it is only a private domain without any external user, it’s not so relevant.


#11

Oke, thats clear. Thank you for your help.