This is the same script that I have used before successfully.
After I ran it, I received the following…
- Congratulations! Your certificate and chain have been saved at:
Your key file has been saved at:
Your cert will expire on 2017-11-13. To obtain a new or tweaked
version of this certificate in the future, simply run
letsencrypt-auto again. To non-interactively renew all of your
certificates, run “letsencrypt-auto renew”
script: sudo -H ./letsencrypt-auto certonly --standalone --renew-by-default -d oakleaf.co.uk -d www.oakleaf.co.uk
Is it just taking longer than usual or is there something wrong?
When you use
--standalone, your web server isn’t restarted for you unless you specify a
--renew-hook command to restart it. The web server doesn’t notice changed certificates until it’s restarted.
So, if you restart your web server, it should see the new certificate.
The presence of the
-0001 also means that you have more than one Certbot-managed certificate related to this domain. This might not have been what you intended. You can see the details of what you have by running
./letsencrypt-auto certificates. If your web server is configured to use the other one, renewing this one won’t affect the web server configuration at all.
I would double check that your nginx server is using the right path to
privkey.pem files. It is
/etc/letsencrypt/live/oakleaf.co.uk-0001/ and maybe in your nginx conf you are using
/etc/letsencrypt/live/oakleaf.co.uk/ without the trail -0001.
Thanks for the help. Unfortunately, the reboot didn’t work.
Below is my list of certs and it does look as though there are two, one with the -0001 and one without.
Could I ask what is the best way of solving this?
Found the following certs:
Certificate Name: www.shopvacuk.com
Expiry Date: 2017-10-24 06:18:00+00:00 (VALID: 69 days)
Certificate Path: /etc/letsencrypt/live/www.shopvacuk.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.shopvacuk.com/privkey.pem
Certificate Name: oakleaf.co.uk-0001
Expiry Date: 2017-11-13 14:50:00+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/oakleaf.co.uk-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/oakleaf.co.uk-0001/privkey.pem
Certificate Name: oakleaf.co.uk
Expiry Date: 2017-08-13 07:26:00+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/oakleaf.co.uk/fullchain.pem
Private Key Path: /etc/letsencrypt/live/oakleaf.co.uk/privkey.pem
Certificate Name: shopvacuk.com
Expiry Date: 2017-10-19 12:46:00+00:00 (VALID: 64 days)
Certificate Path: /etc/letsencrypt/live/shopvacuk.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/shopvacuk.com/privkey.pem
Certificate Name: dev.shopvacuk.com
Expiry Date: 2017-09-23 08:51:00+00:00 (VALID: 38 days)
Certificate Path: /etc/letsencrypt/live/dev.shopvacuk.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/dev.shopvacuk.com/privkey.pem
Certificate Name: dev.oakleaf.co.uk
Expiry Date: 2017-09-23 08:54:00+00:00 (VALID: 38 days)
Certificate Path: /etc/letsencrypt/live/dev.oakleaf.co.uk/fullchain.pem
Private Key Path: /etc/letsencrypt/live/dev.oakleaf.co.uk/privkey.pem
Do you you want to have the separate versions with and without
Sorry for the delay, I had to go out. No the dev site is finished now.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.