Renouvellement de certificat

I delete file and after acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --keylength ecc-384

1 Like

or allow acme.sh to remove it for you:
it may be:
acme.sh --remove cloud.hugoclo411.xyz

if not, show list of cert names:
acme.sh --list
acme.sh --remove {your cert name}

1 Like

Main_Domain KeyLength SAN_Domains Created Renew
chat.hugoclo411.xyz “ec-384” no Mon Dec 17 18:15:44 UTC 2018 Fri Feb 15 18:15:44 UTC 2019
cloud.hugoclo411.xyz “” no
pyload.hugoclo411.xyz “ec-384” no Thu Nov 1 08:53:29 UTC 2018 Mon Dec 31 08:53:29 UTC 2018

1 Like
1 Like

acme.sh --remove -d cloud.hugoclo411.xyz --ecc
[Mon Dec 17 22:46:15 CET 2018] cloud.hugoclo411.xyz is removed, the key and cert files are in /root/.acme.sh/cloud.hugoclo411.xyz_ecc
[Mon Dec 17 22:46:15 CET 2018] You can remove them by yourself.

1 Like

ls -l /root/.acme.sh/cloud.hugoclo411.xyz_ecc

1 Like

ls -l /root/.acme.sh/cloud.hugoclo411.xyz_ecc
total 8
-rw-r–r-- 1 root root 162 Dec 17 22:35 cloud.hugoclo411.xyz.conf.removed
-rw-r–r-- 1 root root 215 Dec 17 22:35 cloud.hugoclo411.xyz.csr.conf
-rw-r–r-- 1 root root 0 Dec 17 22:35 cloud.hugoclo411.xyz.key

key remains
it must go or rename it too.

1 Like

Then:

also openssl version look good.

1 Like

/.acme.sh# acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --k ec-384
[Mon Dec 17 22:58:01 CET 2018] Unknown parameter : --k

1 Like

Main_Domain KeyLength SAN_Domains Created Renew
chat.hugoclo411.xyz “ec-384” no Mon Dec 17 18:15:44 UTC 2018 Fri Feb 15 18:15:44 UTC 2019
cloud.hugoclo411.xyz “ec-384” no Mon Dec 17 21:59:03 UTC 2018 Fri Feb 15 21:59:03 UTC 2019
pyload.hugoclo411.xyz “ec-384” no Thu Nov 1 08:53:29 UTC 2018 Mon Dec 31 08:53:29 UTC 2018

1 Like

This is strange.
I use -k all the time with acme.sh

But I see that you got a new cert?:

Not:
double dash K (--k)
should be:
single dash K (-k)

2 Likes
1 Like

-rw-r--r-- 1 root root 1647 Dec 17 23:08 ca.cer
-rw-r--r-- 1 root root 1688 Dec 17 23:08 cloud.hugoclo411.xyz.cer
-rw-r--r-- 1 root root 516 Dec 17 23:08 cloud.hugoclo411.xyz.conf
-rw-r--r-- 1 root root 538 Dec 17 23:08 cloud.hugoclo411.xyz.csr
-rw-r--r-- 1 root root 215 Dec 17 23:08 cloud.hugoclo411.xyz.csr.conf
-rw-r--r-- 1 root root 359 Dec 17 23:08 cloud.hugoclo411.xyz.key
-rw-r--r-- 1 root root 3335 Dec 17 23:08 fullchain.cer

1 Like

Beautiful!

File:
/etc/nginx/sites-enabled/nextcloud.conf
contians:
ssl_certificate /root/.acme.sh/cloud.hugoclo411.xyz_ecc/fullchain.cer;
ssl_certificate_key /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key;

And both files now exist!

restart web server.

1 Like

ssl_certificate /root/.acme.sh/cloud.hugoclo411.xyz_ecc/fullchain.cer;
ssl_certificate_key /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key;

1 Like

The files are good.

systemclt start nginx;

if fail, then show:
nginx -t
If it works, go have a bottle of wine!

1 Like

nginx: [emerg] PEM_read_bio_X509_AUX("/root/.acme.sh/chat.hugoclo411.xyz_ecc/fullchain.cer") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: configuration file /etc/nginx/nginx.conf test failed

1 Like

Well that is unfortunate - we going in circles, it seems.

Ok, please show:

openssl ec   -pubout -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
openssl x509 -pubkey -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.cer
1 Like