Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: sportswil.no, but i also have beeincity.no, beeistro.no and goalsofheightandheart.no with the same issue.
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): Certbot
I´m using Amazon Lightsail instance for my sites. I have recently not beeing able to visit my site on Safari. So i tried to delete the sertifikate and to instal new. Maybe I shoud start from the beginning, but what would be the steps to do that. It says that the certificate has been revoked.
Im not so sure on the following commands. I am only using the terminal in Amazon Lightsail,
I have an Approach A i know and been using certbot.
When did you install certbot?
Are you using a bitnami image?
If your answers are "recently" and "yes" then read this: Early renewal for bncert (bitnami) - #24 by hellogossh
3 out of the 4 sites you mentioned are affected by a recent incident with the
tls-alpn-01 challenge, leading to a mass revocation. If your ACME account was registered with a valid and currently working email address, that email address would have given a notice for this.
See the following output of the testing application specially designed for help with the aformentioned mass revocation (https://tls-alpn-check.letsencrypt.org/checkhost):
[sportswil.no]: The certificate retrieved from your web server has serial 03f30ce65553eb216622e54fcfc1b409459a and was found in our affected data set. Please renew your certificate as soon as possible. Help is available at Questions about Renewing before TLS-ALPN-01 Revocations
[beeincity.no]: FQDN was not found in the impacted list.
[beeistro.no]: The certificate retrieved from your web server has serial 047af26addcc7016a81d343c1757aec7c5f4 and was found in our affected data set. Please renew your certificate as soon as possible. Help is available at Questions about Renewing before TLS-ALPN-01 Revocations
[goalsofheightandheart.no]: The certificate retrieved from your web server has serial 04d1bf976e9d467370443a93e1a28e50b5af and was found in our affected data set. Please renew your certificate as soon as possible. Help is available at Questions about Renewing before TLS-ALPN-01 Revocations
Strange thing is though: Certbot can't be affected by that incident, as it can't even use the
tls-alpn-01 challenge. Have you used a different ACME client in the recent past?
Also, your site beeincity.no isn't affected.
This was I think a year ago or more. I tried to commands for the site sportswil.no, and the site is still note fine yet. Bitnami Image, im not that sure of. How can I check that. I know in the terminal its says Bitnami.
Ok, read that post and follow those instructions.
You are right, beeincity.no looks fine. I might have mixed some certbot installation with the ones that are recommended by Bitnami if that helps.
Please see the following thread to renew your certificate(s) using the Bitnami tool:
You probably need to read the entire thread, I'm not a Bitnami user (luckily) and I don't know where the exact answer in the thread is.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.