Resetting SSL certificate with bncert-tool for apache does not work

My domain is:

I ran this command: sudo /opt/bitnami/bncert-tool

It produced this output:
2023/02/08 16:26:46 Error while revoking the certificate for domain
acme: error: 403 :: POST :: ::
urn:ietf:params:acme:error:unauthorized :: Certificate is expired

My web server is (include version): apache2

The operating system my web server runs on is (include version):
Linux wordpress-multisite-1-vm 4.19.0-23-cloud-amd64 #1 SMP Debian 4.19.269-1 (2022-12-20) x86_64 GNU/Linu

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I like to Reset my certificate, since it expired.
So I use the procedure described at
at section ' Resetting the certificates'
For step2 'Modify the Web server configuration' I referred to ' Troubleshooting -> Manually revoking an existing certificate -> Apache' from Learn about the Bitnami HTTPS Configuration Tool

The result is that the dummy certificates are used - but running the bncert-tool to set up new certicates refers again to my old expired certifacates and results in the above error:
acme: error: 403 :: POST :: ::
urn:ietf:params:acme:error:unauthorized :: Certificate is expired

Welcome to the community @Andreas2

I don't know why bncert docs would have you revoke a cert that has already expired. You cannot revoke an expired cert.

I would just ignore that step and try renewing the cert.


Yeah, this was bugging me over some days - but now got it fixed just after opening this issue.

I solved the problem by additionally erasing the directory /opt/bitnami/letsencrypt.


bncert-tool has an automatic/mandatory step in renewing.
That makes such a situation so annoying.
But I just got it solved by removing manually the directory /opt/bitnami/letsencrypt.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.