rm or unlink command?
on
/opt/bitnami/apache2/conf/server.key
Add the parameter f to force the creation of the symbolic link
Thanks Juergen
Done.
What is next?
Now the following command should work
sudo /opt/bitnami/ctlscript.sh stop
Please see the response:
Follow the next steps in that documentation.
TONS of thanks
In the said documentation, I will start at Step 8: Move the Let’s Encrypt certificate files to the Apache directory.
Is that correct???
No just enter
sudo /opt/bitnami/ctlscript.sh start
And continue with steep 9
Now your site works - https://check-your-website.server-daten.de/?q=arab.academy
A Grade C isn't perfect, but it's ok.
The certificate
CN=arab.academy
01.06.2019
30.08.2019
expires in 89 days
*.arab.academy, arab.academy - 2 entries
works with both domain names, the chain is correct. And there are no cricitical content warnings.
Your site works, so you have done the last step -> restarting your Bitnami.
Thanks a lot Juergen. You helped me to resume my site.
Should I rum Step 7 to auto renew the certificate?
When I done it before, I failed.
If I shoudl do it, could you please advise where are the spaces in the following command?
0 1 * * * sudo certbot renew && sudo /opt/bitnami/ctlscript.sh restart apache
Do I need to reboot the Wordpress instance from the Lighsail admin?
Do you have suggestions to better my site from Grade C to A ?
The main problem is that the renew doesn't work.
Checking your older certificates the problem is visible ( https://check-your-website.server-daten.de/?q=arab.academy#ct-logs ):
CRT-Id | Issuer | not before | not after | Domain names | LE-Duplicate | next LE |
---|---|---|---|---|---|---|
1530835098 | CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US | 2019-06-01 10:48:08 | 2019-08-30 10:48:08 | *.arab.academy, arab.academy | ||
2 entries | duplicate nr. 2 | |||||
1527397824 | CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US | 2019-05-31 10:04:43 | 2019-08-29 10:04:43 | *.arab.academy, arab.academy | ||
2 entries | duplicate nr. 1 | |||||
1246490761 | CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US | 2019-02-28 21:23:38 | 2019-05-29 20:23:38 | *.arab.academy, arab.academy | ||
2 entries | ||||||
987805396 | CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US | 2018-11-29 17:13:45 | 2019-02-27 17:13:45 | *.arab.academy, arab.academy | ||
2 entries |
First wildcard ended 2019-02-27, the next is from 2019-02-28.
That ended 2019-05-29, next was from 2019-05-31.
There is always an interruption, that's bad.
Letsencrypt certificates are 90 days valid, Certbot renews certificates, if they are max. 30 days valid.
But the tutorial uses --manual
to create a certificate, so automatic renew can't work. So the tutorial is wrong or incomplete. Or the $DOMAIN and $WILDCARD should be set, so the renew may work.
So you have to start the renew with
Step 3: Request a Let’s Encrypt SSL wildcard certificate
Do this in 60 - 85 days, before the current certificate expires. Now your domain uses the latest certificate, so you should renew the certificate max. 2019-08-25.
Thanks JuergenAuer
Thank you very much.
So, I will renew the certificate so days before it expire by startling at Step 3 in the tutorial., with bypassing the Step 7, all the way down to the last step, and repeating that every time before the expire date.
That means there is no automatic renewal way.
Are you sure that you have done the Step 7 correctly? That is the step that enables automatic renewal. Check that step to be 100% sure that it has been done correctly.
If renewal dosen’t work till 2019-08-25 use this command:
sudo certbot renew && sudo /opt/bitnami/ctlscript.sh restart apache
Thats all you - don’t need to do the complete manual every time.
- Could you please re-write Step 7 for me with clarified spaces. I think my error came from not recognizing the spaces correctly.
- How do I know if the renewal is done?
Best regards
Engineer: Abdel-Halim Mahmoud
• Evaluators Board Member, Baldrige Performance Excellence Award, MN, USA
• Scrum Master & Coach
• Certified PDRI Facilitator, Projects Planning Risk Control, Arizona State University, USA
• TeamSTEPPS Certified Master Trainer, USA Agency for Healthcare Research & Quality
Email: ceo@EgyptExcellence.commailto:ceo@EgyptExcellence.com | Web: www.EgyptExcellence.comhttp://www.egyptexcellence.com/
Phone: +1-602-6667511 - Reserve Free Consultationhttps://outlook.office365.com/owa/calendar/AbdelHalimMahmoud%40EgyptEurope.onmicrosoft.com/bookings/
[https://lh3.googleusercontent.com/-w7grZc1Zp3I/UQStjEXJj6I/AAAAAAAAABs/FYyuyOI5SPg/s160/btn_myprofile_160x33.png]https://www.linkedin.com/in/halimconsult/
- Just make sure to copy the commands 1:1 from the manual
- Goto
https://check-your-website.server-daten.de/?q=arab.academy#ct-logs
under 6.1 you will find the “not before” with a current value “2019-06-01 […]” after the renewal that is changed e.g. to “2019-08-25 […]” you properbly need to re-run the test at the test in oder to get the latest results - just go to the upper end of that page and hit the check button
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.