Subdomain renew successful but not showing browser

krishnaisdinesh · November 5, 2020, 11:55am

Renewed useing below command.
udo certbot certonly --webroot -w /var/www/promo.edupeer.com/ -d promo.edupeer.com -d https://promo.edupeer.com -d www.promo.edupeer.com

Verifies also using below command.
sudo certbot certificates

Output of verification is as below.

Certificate Name: promo.edupeer.com
Domains: promo.edupeer.com
Expiry Date: 2021-02-03 08:12:20+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/promo.edupeer.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/promo.edupeer.com/privkey.pem

But still in browser showing older date 11th november.

Server Ubuintu, apache

JuergenAuer · November 5, 2020, 11:54am

Hi @krishnaisdinesh

certonly doesn't restart your webserver.

Did you restart your server? That's required to use the new certificate.

griffin · November 5, 2020, 7:09pm

I'm assuming that the missing s in sudo and the inclusion of -d https://promo.edupeer.com were oversights. Let's Encrypt currently does not certify URLs. I'm not sure why you would need to certify www.promo.edupeer.com, but that's up to you.

If JuergenAuer's theory is correct (and I believe it is), you can use the following certbot command to have certbot automatically restart your webserver when your certificate is updated:

sudo certbot certonly --webroot -w /var/www/promo.edupeer.com/ -d "promo.edupeer.com,www.promo.edupeer.com" --deploy-hook "sudo systemctl restart apache2"

Updating your certificate with the command above will also update your renewal configuration to make your automated renewals function correctly:

sudo certbot renew

system · December 5, 2020, 7:06pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.