Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: TheCarusoMethod.com MichaelCarusoPT.com
I ran this command:
[root@ip-172-31-24-254 ~]$systemctl stop nginx
[root@ip-172-31-24-254 ~]$certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/thecarusomethod.com.conf
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate for thecarusomethod.com
Performing the following challenges:
http-01 challenge for thecarusomethod.com
Waiting for verification...
Cleaning up challenges
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/thecarusomethod.com/fullchain.pem
Congratulations, all renewals succeeded:
/etc/letsencrypt/live/thecarusomethod.com/fullchain.pem (success)
[root@ip-172-31-24-254 ~]$systemctl start nginx
My web server is (include version): AWS centos
The operating system my web server runs on is (include version): PHP 7.4.29
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site: Wordpress 6.0 (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Sorry I'm such a novice at this and have not had the time to put into learning more.
Certbot was setup by support person but I think they should not have used the standalone version because I have to stop nginx and run renew manually every few months.
Can I work around this to set up auto renew and include both addresses: TheCarusoMethod.com AND MichaelCarusoPT.com ? Thanks
Mike
Deleting these lines and restarting nginx should make your site only work on HTTP:
listen 443 ssl; # managed by Certbot
# RSA certificate
ssl_certificate /etc/letsencrypt/live/thecarusomethod.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/thecarusomethod.com/privkey.pem; # managed by Certbot
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
you should be able to run certbot with the instructions here for nginx + centos
Ideally that should work for your needs.
certbot should realize you have active certificates and install them, and I think that should upgrade the renewal.
I'm not 100% sure that would work, but it looks like those are the only https lines, and removing them should be enough of a "reset" to let certbot do it's thing.