Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for subdomain.domain.com
Waiting for verification...
Cleaning up challenges
new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/subdomain.domain.com/fullchain.pem
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/subdomain.domain.com/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
After that I checked and open the Site through Https but there is still getting the expired ssl warning.
I have reduced the TTL time to 300 on route 53 (AWS)
Can anyone give me the pointers by which I will use https like earlier.
Thanks in advance for the interaction and support.
Why are you running this command? You know it doesn't actually renew the cert, right? That's what the --dry-run means--test everything out, but don't actually renew the cert. If you want to renew the cert, leave that part off.
@danb35 has already told you what you exactly need to do. There's no need to actually give away the literal command.
This also sounds like you don't fully grasp the commands you're entering on your command line, which I find staggering. You should ALWAYS know what any command and ALL the options for that command actually do. I highly recommend you to read the official certbot documentation to grasp all the options you're using, now and in the future.
I'd probably not go that far (though I certainly won't argue that it's a bad idea), but you should certainly know what the options you're specifying do. Presumably OP was following some instruction that said to use --dry-run. The odds approach unity that whatever that instruction was, described what --dry-run does.
I know some users a multi-lingual, but for less fluent english speakers I'm sure the phrase dry-run probably needs some explaining unless you look up the docs, so yes it's a good idea to read the docs page but also the command itself will provide some help: certbot/cli-help.txt at master · certbot/certbot · GitHub
I feel like there's a certain... comedic misunderstanding... going on here as I believe you both actually mean the same thing. I don't think that @Osiris was meaning that @ankit101 should literally digest the entire array of certbot options in the manual before proceeding. I believe he was meaning that one should know what any command and its options mean that one finds in a tutorial before executing that command with those options. Correct me if I'm wrong here, of course, @Osiris. I laughed a little at the "lost in translation" aspect when I saw @webprofusion post about such (in a different context) immediately afterward.
You're absolutely correct @griffin. With "command" I meant the actual full command entered on the command line. Not every possible option to the certbot command itself
The very thought of that makes me a little queasy. I consider myself to be fairly-well versed in "the certbot" and yet some of the more esoteric options still baffle me.