Renew worked, but web server not serving new cert

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://streaming2.popshoplive.com/

I ran this command: certbot renew

It produced this output:
It updated the cert, but I dont have the output any more… buy now it outputs this:


Processing /etc/letsencrypt/renewal/streaming2.popshoplive.com.conf


Cert not yet due for renewal


The following certs are not due for renewal yet:
/etc/letsencrypt/live/streaming2.popshoplive.com/fullchain.pem expires on 2018-11-04 (skipped)
No renewals were attempted.


My web server is (include version): Apache

The operating system my web server runs on is (include version): EC2 Instance with Ubuntu 16

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Hi,

Can you try to simply restart your Apache? (The certificate is updated, however you will need to reload Apache in order for Apache to pick up the update…)

Thank you

Al ready done, buy still no luck.

This are the files that were generated, maybe I need to recreate the tomcat.cer and truststore.jks

lrwxrwxrwx 1 root root 50 Aug 6 23:56 cert.pem -> …/…/archive/streaming2.popshoplive.com/cert2.pem
lrwxrwxrwx 1 root root 51 Aug 6 23:56 chain.pem -> …/…/archive/streaming2.popshoplive.com/chain2.pem
lrwxrwxrwx 1 root root 55 Aug 6 23:56 fullchain.pem -> …/…/archive/streaming2.popshoplive.com/fullchain2.pem
-rw-r–r-- 1 root root 4450 May 7 15:40 fullchain_and_key.p12
-rw-r–r-- 1 root root 4107 May 7 15:41 keystore.jks
lrwxrwxrwx 1 root root 53 Aug 6 23:56 privkey.pem -> …/…/archive/streaming2.popshoplive.com/privkey2.pem
-rw-r–r-- 1 root root 1570 May 7 15:41 tomcat.cer
-rw-r–r-- 1 root root 1633 May 7 15:48 truststore.jks

Hi @carloshlopez

you have a new certificate, created today:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:streaming2.popshoplive.com&lu=cert_search

Your site uses the old certificate.

What says:

Certbot certificates

These urls of your file you have to use in your apache configuration.


Found the following certs:
Certificate Name: streaming2.popshoplive.com
Domains: streaming2.popshoplive.com
Expiry Date: 2018-11-04 22:56:27+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/streaming2.popshoplive.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/streaming2.popshoplive.com/privkey.pem


Then use these in your apache conf.

But:

Are there special things?

It’s what was genrated in the begingn first time we installed lets encrytp cert

Now

https://streaming2.popshoplive.com/

works. What was missing?

Regenerate those files did it with old commands

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.