SSL renew issue

I have website which is already configured for HTTPS but now my ssl certificate is expired which was obtained from letsencrpty ssl.

What I tried:

I try following command to renew but everytime I got error

Note: I want to allow ssl on domain with port e.g api.ortalent-assessment.com:3001

Command which is used: sudo certbot --nginx -d api.ortalent-assessment.com:3001

Hi @wajid

your command is wrong. A certificate doesn't have informations about a port.

Create a certificate, then you can use it with every port you want.

1 Like

Thank you for response can you please tell me correct command for renew and

my question is when i open https://api.ortalent-assessment.com without port it show me valid ssl

but when i open with port https://api.ortalent-assessment.com:3001/ it show me invalid

can you please open both in browser then you will got my point

You have already a valid certificate.

So

  • you don't need a second certificate,
  • install the same certificate on your other port
  • that's not a standard port, so you have to do that manual, check your port 443 to understand how to do that.
1 Like

Looking at the certificate log, you've got plenty of valid certificates for your hostname:

https://crt.sh/?q=api.ortalent-assessment.com&deduplicate=y

If your Express (Node.Js?) server isn't using the newly renewed certificate, this can be due to a few things:

  • Perhaps Express isn't configured properly, so it points to a certificate file which wasn't updated when your certificate was renewed;
  • Perhaps you just need to reload your Express server, so it loads the renewed certificate, if it's properly configured.

Note that as @JuergenAuer already said: certificates are port agnostic, they are only coupled to hostnames. So you don't require separate certificates for different ports!

Also, you've got three Let's Encrypt certificates from March 20th. If the issuance of the certificate was without problems, but the installation isn't done properly, it doesn't help to keep re-issuing new certificates, as the problem was not with the issuance in the first place, but a step in the process afterwards. Please don't re-issue certificates if the problem is with the installation of the certificate.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.