The server.crt does not exist or is empty + The http does not exist

rm or unlink command?
on
/opt/bitnami/apache2/conf/server.key

Add the parameter f to force the creation of the symbolic link

1 Like

Thanks Juergen
Done.

What is next?
image

Now the following command should work

sudo /opt/bitnami/ctlscript.sh stop

Please see the response:
image

Follow the next steps in that documentation.

https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-lets-encrypt-certificates-with-wordpress#complete-the-prerequisites-lets-encrypt-wordpress

TONS of thanks
In the said documentation, I will start at Step 8: Move the Let’s Encrypt certificate files to the Apache directory.

Is that correct???

No just enter

sudo /opt/bitnami/ctlscript.sh start

And continue with steep 9

Now your site works - https://check-your-website.server-daten.de/?q=arab.academy

A Grade C isn't perfect, but it's ok.

The certificate

CN=arab.academy
	01.06.2019
	30.08.2019
expires in 89 days	
*.arab.academy, arab.academy - 2 entries

works with both domain names, the chain is correct. And there are no cricitical content warnings.

Your site works, so you have done the last step -> restarting your Bitnami.

Thanks a lot Juergen. You helped me to resume my site.
Should I rum Step 7 to auto renew the certificate?
When I done it before, I failed.
If I shoudl do it, could you please advise where are the spaces in the following command?

0 1 * * * sudo certbot renew && sudo /opt/bitnami/ctlscript.sh restart apache

1 Like

Do I need to reboot the Wordpress instance from the Lighsail admin?
Do you have suggestions to better my site from Grade C to A ?

1 Like

The main problem is that the renew doesn't work.

Checking your older certificates the problem is visible ( https://check-your-website.server-daten.de/?q=arab.academy#ct-logs ):

CRT-Id Issuer not before not after Domain names LE-Duplicate next LE
1530835098 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-06-01 10:48:08 2019-08-30 10:48:08 *.arab.academy, arab.academy
2 entries duplicate nr. 2
1527397824 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-05-31 10:04:43 2019-08-29 10:04:43 *.arab.academy, arab.academy
2 entries duplicate nr. 1
1246490761 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-02-28 21:23:38 2019-05-29 20:23:38 *.arab.academy, arab.academy
2 entries
987805396 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2018-11-29 17:13:45 2019-02-27 17:13:45 *.arab.academy, arab.academy
2 entries

First wildcard ended 2019-02-27, the next is from 2019-02-28.

That ended 2019-05-29, next was from 2019-05-31.

There is always an interruption, that's bad.

Letsencrypt certificates are 90 days valid, Certbot renews certificates, if they are max. 30 days valid.

But the tutorial uses --manual to create a certificate, so automatic renew can't work. So the tutorial is wrong or incomplete. Or the $DOMAIN and $WILDCARD should be set, so the renew may work.

So you have to start the renew with

Step 3: Request a Let’s Encrypt SSL wildcard certificate

Do this in 60 - 85 days, before the current certificate expires. Now your domain uses the latest certificate, so you should renew the certificate max. 2019-08-25.

Thanks JuergenAuer
Thank you very much.
So, I will renew the certificate so days before it expire by startling at Step 3 in the tutorial., with bypassing the Step 7, all the way down to the last step, and repeating that every time before the expire date.

That means there is no automatic renewal way.

1 Like

Are you sure that you have done the Step 7 correctly? That is the step that enables automatic renewal. Check that step to be 100% sure that it has been done correctly.

If renewal dosen’t work till 2019-08-25 use this command:

sudo certbot renew && sudo /opt/bitnami/ctlscript.sh restart apache

Thats all you - don’t need to do the complete manual every time.

1 Like
  1. Could you please re-write Step 7 for me with clarified spaces. I think my error came from not recognizing the spaces correctly.
  2. How do I know if the renewal is done?

Best regards

Engineer: Abdel-Halim Mahmoud
• Evaluators Board Member, Baldrige Performance Excellence Award, MN, USA
• Scrum Master & Coach
• Certified PDRI Facilitator, Projects Planning Risk Control, Arizona State University, USA
• TeamSTEPPS Certified Master Trainer, USA Agency for Healthcare Research & Quality

[//cdck-file-uploads-global.s3.dualstack.us-west-2.amazonaws.com/letsencrypt/original/3X/0/1/014aae2fd21ce07e1cc9b1c81bb491fb3a4395cf.png]

Email: ceo@EgyptExcellence.commailto:ceo@EgyptExcellence.com | Web: www.EgyptExcellence.comhttp://www.egyptexcellence.com/
Phone: +1-602-6667511 - Reserve Free Consultation​https://outlook.office365.com/owa/calendar/AbdelHalimMahmoud%40EgyptEurope.onmicrosoft.com/bookings/
[https://lh3.googleusercontent.com/-w7grZc1Zp3I/UQStjEXJj6I/AAAAAAAAABs/FYyuyOI5SPg/s160/btn_myprofile_160x33.png]https://www.linkedin.com/in/halimconsult/

1 Like
  1. Just make sure to copy the commands 1:1 from the manual
  2. Goto
    https://check-your-website.server-daten.de/?q=arab.academy#ct-logs
    under 6.1 you will find the “not before” with a current value “2019-06-01 […]” after the renewal that is changed e.g. to “2019-08-25 […]” you properbly need to re-run the test at the test in oder to get the latest results - just go to the upper end of that page and hit the check button
1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.