SSL Certificate Expired, But Cannot Renew

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=taruhaneuro2020.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
taruhaneuro2020.com
I ran this command:
certbot renew
It produced this output:
The following certs are not due for renewal yet:
/etc/letsencrypt/live/taruhaneuro2020.com/fullchain.pem expires on 2020-03-01 (skipped)
No renewals were attempted.

My web server is (include version):
using Easyengine 4
The operating system my web server runs on is (include version):
ubuntu 18
My hosting provider, if applicable, is:
digitalocean
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot 0.23.0

Why I cant used the renewed ssl can some one help

2

Hi @caknoris

there is a check of your domain, ~~ one hour old - https://check-your-website.server-daten.de/?q=taruhaneuro2020.com

There are two certificates

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2019-10-13 2020-01-11 taruhaneuro2020.com
1 entries
Let's Encrypt Authority X3 2019-09-03 2019-12-02 taruhaneuro2020.com
1 entries

you use the second, that's expired. But the first certificate isn't the certificate your command shows.

But

that's impossible, a Letsencrypt certificate is 90 days valid, not 2020-03-01.

First step: What says

certbot certificates

Second: How works Easyengine? How did you install the previous certificate? Perhaps only a restart is required to use the newer certificate.

3

Hi

certbot certificates shows this

Blockquote
Found the following certs:
Certificate Name: taruhaneuro2020.com
Domains: taruhaneuro2020.com
Expiry Date: 2020-03-01 19:45:20+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/taruhaneuro2020.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/taruhaneuro2020.com/privkey.pem

If im not forgot im using this command

Blockquote
ee site update yourdomain.com --letsencrypt

4

Sorry, false alarm - we have the 2019-12-02, so it's possible :wink:

So you have a new certificate. How works that Easyengine?

There is a nginx. Did you restart the nginx?

What says

nginx -T

PS:

Puh, is this a script of your hoster? Are there error messages? Is there an update?

Your Certbot is terrible old. So your global configuration may be old.

5

hi Im not using any nginx so when i used nginx -T, its shows

Command 'nginx' not found, but can be installed with:

apt install nginx-core
apt install nginx-extras
apt install nginx-full
apt install nginx-light

6

Your check - https://check-your-website.server-daten.de/?q=taruhaneuro2020.com - has a nginx header:

Server: nginx
Date: Mon, 02 Dec 2019 20:05:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Link: https://taruhaneuro2020.com/wp-json/; rel="https://api.w.org/",https://taruhaneuro2020.com/; rel=shortlink
X-SRCache-Fetch-Status: HIT
X-SRCache-Store-Status: BYPASS
Content-Encoding: gzip
X-Powered-By: EasyEngine v4.0.14

PS: Searching a little bit:

There

is your command. Perhaps it's required to update your script. Check, if there is an update.

7

Hi thx for your trouble shooting, im finally got how to fixed it

Im just need to rename the old certificate on /opt/easyengine/services/nginx-proxy/certs to somethings new and then used the command

ee site ssl-renew taruhaneuro2020.com

Im already try this before, but forgot, because the trouble shooting, im found again how to renew the ssl