Peter7
December 20, 2022, 9:03am
1
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: .com
I ran this command: certbot renew --force-renewal --config-dir cert/
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
My web server is (include version): tomcat on docker container
The operating system my web server runs on is (include version): Ubuntu 20.04.5 LTS
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.32.2
rg305
December 20, 2022, 9:54am
4
Hi @Peter7 , and welcome to the LE community forum
First, don't use this without knowing what it does:
Peter7:
--force-renewal
It will not force something that is broken to be fixed.
Please show the outputs of:certbot certificatescat /root/MappingSite/cert/renewal/www.pyinnyar-subuu.com.conf
3 Likes
Peter7
December 20, 2022, 10:10am
6
version shows as 0.40.0. But i have already updated to 1.32.2
rg305
December 20, 2022, 10:11am
7
Peter7:
authenticator = standalone
Please show:netstat -pant | grep -i listen | grep 80
2 Likes
rg305
December 20, 2022, 10:14am
9
You can ignore the numbers shown in the renewal config files - that was the version that created the file.
Please also show:
rg305:
certbot certificates
And also show:curl -4 ifconfig.io
2 Likes
rg305
December 20, 2022, 10:17am
12
That is the right IP.
What shows?:certbot certificates
2 Likes
Peter7
December 20, 2022, 10:19am
13
rg305:
certbot certificates
Sorry I over looked .
Saving debug log to /var/log/letsencrypt/letsencrypt.log
No certificates found.
rg305
December 20, 2022, 10:21am
15
Peter7:
No certificates found.
hmm...renew".
2 Likes
rg305
December 20, 2022, 10:22am
16
Peter7:
I already created firewall rule to allow port 80 in both GCP and IP table. Also checked and it is opened.
Not from where I use the Internet.
curl -Ii4 http://www.pyinnyar-subuu.com/anything
HTTP/1.1 400
Content-Type: text/plain;charset=UTF-8
Connection: close
Is the NAT correct?
2 Likes
rg305
December 20, 2022, 10:23am
18
Did you delete
2 Likes
rg305
December 20, 2022, 10:40am
21
Wait a minute!certbot in the right container?
2 Likes
rg305
December 20, 2022, 10:54am
24
How was it set when you last renewed?
Yeah, I got 400 for every HTTP request.
2 Likes
rg305
December 20, 2022, 10:56am
26
Peter7:
2 3 164 REDIRECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 443
You should never port forward 80 to 443.
Peter7:
It worked as per normal.
Nothing "normal" there.
Revisit your notes.
3 Likes
Peter7
December 20, 2022, 10:56am
27
noted i will revert back to previous rules
1 Like
system
January 19, 2023, 10:57am
28
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
