Revoke ssl but files are deleted

LinkOrchard · August 13, 2019, 3:58pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
cheaptextbooks.com

I ran this command:
sudo certbot delete --cert-name cheaptextbooks.com

certbot revoke --cert-path /etc/letsencrypt/archive/cheaptextbo oks.com/cert1.pem

It produced this output:
certbot: error: argument --cert-path: No such file or directory
You have new mail in /var/mail/root

My web server is (include version):
ubunutu
The operating system my web server runs on is (include version):
apache2
My hosting provider, if applicable, is:
digitalocean
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0

Phil · August 13, 2019, 4:02pm

That file path appears to have a space in it. What is the output of
ls -al /etc/letsencrypt/archive/cheaptextbooks.com

JuergenAuer · August 13, 2019, 4:03pm

Hi @LinkOrchard

if you delete a certificate, there is no need to revoke it.

And you don’t need to revoke a certificate if the private key isn’t stolen.

LinkOrchard · August 13, 2019, 4:05pm

Hi @JuergenAuer ok that is good news! But the new host says the old cert is still there?
How do we check the SSL on cheaptextbooks.com?

JuergenAuer · August 13, 2019, 4:10pm

Read the output - https://check-your-website.server-daten.de/?q=cheaptextbooks.com

You have already created three certificates

Issuer	not before	not after	Domain names
Let's Encrypt Authority X3	2019-08-13	2019-11-11	cheaptextbooks.com
1 entries	duplicate nr. 3
Let's Encrypt Authority X3	2019-08-13	2019-11-11	cheaptextbooks.com
1 entries	duplicate nr. 2
Let's Encrypt Authority X3	2019-08-12	2019-11-10	cheaptextbooks.com
1 entries	duplicate nr. 1
Let's Encrypt Authority X3	2019-06-06	2019-09-04	cheaptextbooks.com
1 entries

but you use a self signed certificate:

CN=cheaptextbooks.allhotels.com
	09.02.2018
	09.02.2019
185 days expired	cheaptextbooks.allhotels.com, 
cheaptextbooks.com, mail.cheaptextbooks.com, 
www.cheaptextbooks.allhotels.com, www.cheaptextbooks.com - 5 entries

So install your new certificate. Hope you didn't delete it, there is a rate limit.

LinkOrchard · August 13, 2019, 4:17pm

This is the one at the new host. Is that still active? She kept on saying she could not put on the SSL because the old one was there.

I did not delete this ssl @JuergenAuer .. is cheaptextbooks.com.allhotels.com cert still there? Could you please also tell me what is the cert limit per domain.

Thank you!

JuergenAuer · August 13, 2019, 4:19pm

That's a self signed and expired certificate. And you have a loop, so it's impossible to use your site.

Check

LinkOrchard · August 13, 2019, 4:41pm

And you have a loop, so it’s impossible to use your site.

How do I get rid of this @JuergenAuer ?

Domain is propagating to a new host, hostgator, I am going to to do what I should of done and buy an SSL. Right now I am paying if anyone can help me fixit.

JuergenAuer · August 13, 2019, 5:33pm

Please check the output of https://check-your-website.server-daten.de/?q=cheaptextbooks.com#url-checks

There is a direct loop https + non-www -> https + non-www.

LinkOrchard · August 13, 2019, 5:51pm

Thanks @Juergen – I think that issue of looping is caused by propagation issues. The domain was at networksolutions and I changed the nameservers to hostgator a few hours ago only.

The person in hostgator said they were able to set up new SSL, likewise also for allhotels.com.

Thanks for your help, any further advice or help appreciated!

LinkOrchard · August 14, 2019, 3:26am

@Juergen the server was spitting out certs.

JuergenAuer · August 14, 2019, 6:15am

The loop is now fixed, that’s good.

Both domains have the same problem: There is only a certificate with the non-www version, the www-version isn’t included.

But you have www A records, so the www version isn’t secure - https://check-your-website.server-daten.de/?q=cheaptextbooks.com

CN=cheaptextbooks.com
	13.08.2019
	11.11.2019
expires in 89 days	cheaptextbooks.com - 1 entry

Maybe a problem if users add www.

LinkOrchard · August 14, 2019, 1:25pm

Thank you again @JuergenAuer we are doing some work on this tonight, and hopefully we can fix this. Great news the loop is fixed.

I think at DigitalOcean we always force the www- website on to https:// using the virtual hosts – does this not fix the issue?

Best regards,

Alan

JuergenAuer · August 14, 2019, 2:51pm

That doesn't help. A certificate with the www-domain name is required, so the redirect https + www -> https + non-www can work.

First comes the certificate, then the server is able to send the http status 301 - Redirect.

system · September 13, 2019, 2:51pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Deletion of certs Help	9	268	July 12, 2024
Revoking Domain Certificate of a dismantled unix server Help	5	420	November 4, 2020
Certificates revoke after deleting Help	4	1389	June 7, 2020
Certificate revoked Help	2	1117	March 27, 2022
How to delete certificate if I delele VPS? Help	5	472	June 24, 2020

Revoke ssl but files are deleted

Related topics