Replacing certificates with acme.sh

First, I want to thank the team for all their hard work in providing SSL certificates and in dealing with this crisis. I applaud your efforts, and appreciate your service.

I’m also hoping someone can help me. I’m a teacher who volunteers to help non-profits with their technical needs. I am not even close to the technical expertise of all of you, and I only got my SSLs up and running due to the kind and generous help of many of you here. Since I cannot really understand many of the directions I read, I usually need someone to help me translate to something I can actually do.
I just got home from a long day of teaching to discover that I have very little time to figure out how to renew my certificates. I did use the program and verified that these domains need to be renewed.
I believe that I have installed something called acme which has been autorenewing my domains, but I haven’t the slightest clue how to renew them manually.

If my memory serves, I remember needing to go into putty in order to connect to my server, and then typing in a bunch of commands (that someone else helped me with) in order to get the SSL set up initially and then to set up the autorenew.

My question: Are these the commands I’m supposed to enter? I found them among my notes, but my notes didn’t specify if I was entering these commands to renew the ssl for the domain or for setting up the autorenew.

acme.sh --issue --webroot ~/public_html/web/asklepios -d asklepiosresearch.org -d www.asklepiosresearch.org -d asklepiosresearch.com -d www.asklepiosresearch.com --staging
acme.sh --issue --webroot ~/public_html/web/asklepios -d asklepiosresearch.org -d www.asklepiosresearch.org -d asklepiosresearch.com -d www.asklepiosresearch.com --force
export DEPLOY_cPanel_USER=$USER
acme.sh --deploy --deploy-hook cpanel_uapi -d asklepiosresearch.org -d www.asklepiosresearch.org -d asklepiosresearch.com -d www.asklepiosresearch.com

If this is correct, then I can just enter these commands for each of the four domains that appear impacted. If not, can someone tell me what to type in? I am in putty and connected to my server, I just don’t know what to type in.

Thanks in advance
CJ Rhoads

3 Likes

:heart:

That’s awesome, thank you for your work!

Yep, that’s correct.

The commands you provided do look like the correct commands to me. If you run into errors, you might need to first become root by typing su and hitting enter, or running sudo su.

5 Likes

I will try them.
I am on a shared GoDaddy server, and don’t have su rights. That’s why I had to use acme instead of certbot. But thanks. I was afraid to type in those commands without verification that they are what I’m supposed to be doing. I’ll let you know if it appears to work.

3 Likes

Well, I tried it. But it keeps timing out. This is the error message I get:
asklepiosresearch.com:Verify error:Fetching http://asklepiosresearch.com/.well-known/acme-challenge/VexlzIREokr_RAeaZH3LHOAA3ACGWG5xe14ouDFPcAg: Timeout during connect (likely firewall problem)
[Tue Mar 3 17:57:05 MST 2020] Please add ‘–debug’ or ‘–log’ to check more details.
[Tue Mar 3 17:57:05 MST 2020] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh

Is this something that I’m doing, or just the fact that thousands of others are trying to renew their domains and the server is overwhelmed?

2 Likes

Oop - not a problem with an overwhelmed server, but just a problem with my memory. There were a couple of domains that I had either dropped or moved and they were still in the list. Obviously they didn’t respond when challenged. I took those domains out of the list and now everything appears to be working fine.

Thanks so much jsha for taking the time to help me. Especially when you are so busy with sites that are much more important than my little non-profit sites. I really appreciate it.

Peace
CJ Rhoads

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.