Renew Wildcard certificate and it is already expired

ddragos2001 · October 11, 2022, 7:55am

My domain is:
ilifruct.ro

I ran this command:
./acme.sh --issue -d ilifruct.ro -d '*.ilifruct.ro' --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --force
and
./acme.sh --renew -d ilifruct.ro -d '*.ilifruct.ro' --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --force

It produced this output:
Success
... Your cert is in: /root/.acme.sh/ilifruct.ro/ilifruct.ro.cer

My web server is (include version):
Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version):
CentOS Linux release 7.5.1804 (Core)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
no

Issue:
The certificate is successfully created, downloaded, and installed
The web-browsers says that the certificate is expired.

The command:
openssl x509 -noout -dates -in /root/.acme.sh/ilifruct.ro/ilifruct.ro.cer
returns:

notBefore=Jul  8 00:00:00 2022 GMT
notAfter=Oct  6 23:59:59 2022 GMT

webprofusion · October 11, 2022, 9:15am

Check you are using the latest version of acme.sh,clearly if it thinks it's renewing OK but your file is actually old (check the file date) then a path or permission is wrong somewhere.

ddragos2001 · October 11, 2022, 12:14pm

I performed an update of acme.sh, same result.
Checked the file's date, and it is fine, current date/time
Even deleted the old certificate from /root/.acme/ilifruct.ro/ilifruct.ro.cer and again --issue and --renew
The script downloaded the same certificate as the old one, with identical content, and validity dates (I compared it with one from the backup)

ddragos2001 · October 11, 2022, 12:34pm

Executed:
./acme.sh --remove -d ilifruct.ro
Then removing the directory
/root/.acme/ilifruct.ro
After that --issue and then --renew
the certificate is now a new one, with validity starting today
Problem solved

MikeMcQ · October 11, 2022, 1:57pm

I'll point out that this domain is using ZeroSSL certificates.

If you want to use Let's Encrypt certs refer to the acme.sh docs

Topic		Replies	Views
Tried renew certificate which expires about 5 days Help	6	616	May 12, 2022
My certificate expired and I can not get acme.sh to renew it Help	21	8269	September 12, 2021
Certificate Expiry Date Not Changing after renewal (wildcard) Help	11	2006	February 3, 2021
Certificate renewal Help	4	721	April 3, 2022
Certificate renewal Not Working Help	5	671	May 6, 2020

Renew Wildcard certificate and it is already expired

Related topics