Renew worked, but web server not serving new cert


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://streaming2.popshoplive.com/

I ran this command: certbot renew

It produced this output:
It updated the cert, but I dont have the output any more… buy now it outputs this:


Processing /etc/letsencrypt/renewal/streaming2.popshoplive.com.conf


Cert not yet due for renewal


The following certs are not due for renewal yet:
/etc/letsencrypt/live/streaming2.popshoplive.com/fullchain.pem expires on 2018-11-04 (skipped)
No renewals were attempted.


My web server is (include version): Apache

The operating system my web server runs on is (include version): EC2 Instance with Ubuntu 16

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

Hi,

Can you try to simply restart your Apache? (The certificate is updated, however you will need to reload Apache in order for Apache to pick up the update…)

Thank you


#3

Al ready done, buy still no luck.


#4

This are the files that were generated, maybe I need to recreate the tomcat.cer and truststore.jks

lrwxrwxrwx 1 root root 50 Aug 6 23:56 cert.pem -> …/…/archive/streaming2.popshoplive.com/cert2.pem
lrwxrwxrwx 1 root root 51 Aug 6 23:56 chain.pem -> …/…/archive/streaming2.popshoplive.com/chain2.pem
lrwxrwxrwx 1 root root 55 Aug 6 23:56 fullchain.pem -> …/…/archive/streaming2.popshoplive.com/fullchain2.pem
-rw-r–r-- 1 root root 4450 May 7 15:40 fullchain_and_key.p12
-rw-r–r-- 1 root root 4107 May 7 15:41 keystore.jks
lrwxrwxrwx 1 root root 53 Aug 6 23:56 privkey.pem -> …/…/archive/streaming2.popshoplive.com/privkey2.pem
-rw-r–r-- 1 root root 1570 May 7 15:41 tomcat.cer
-rw-r–r-- 1 root root 1633 May 7 15:48 truststore.jks


#5

Hi @carloshlopez

you have a new certificate, created today:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:streaming2.popshoplive.com&lu=cert_search

Your site uses the old certificate.

What says:

Certbot certificates

These urls of your file you have to use in your apache configuration.


#6

Found the following certs:
Certificate Name: streaming2.popshoplive.com
Domains: streaming2.popshoplive.com
Expiry Date: 2018-11-04 22:56:27+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/streaming2.popshoplive.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/streaming2.popshoplive.com/privkey.pem



#7

Then use these in your apache conf.

But:

Are there special things?


#8

It’s what was genrated in the begingn first time we installed lets encrytp cert


#9

Now

https://streaming2.popshoplive.com/

works. What was missing?


#10

Regenerate those files did it with old commands


#11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.