Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My web server is (include version): Apache/2.4.18 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 16.04.03 LTS
My hosting provider, if applicable, is: Linode
I can login to a root shell on my machine (yes or no, or I donāt know): yes
Iām using a control panel to manage my site (no, or provide the name and version of the control panel): no
Please forgive my ignorance. I set up the certificates originally, likely through some kind of tutorial, and theyāve been on autopilot since. Iād really appreciate any guidance as to how to update whatever it is I need to update to fix the EOL issue. I have root CLI access. Thanks much in advance!!!
I ran ācertbot renew --dry-runā and it produced this output. Since it says āhttp-01 challengeā, does this mean I do not have the TLS-SNI-01 domain validation?
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for hydrophase.com
http-01 challenge for www.hydrophase.com
Waiting for verificationā¦
Cleaning up challenges
new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/hydrophase.com/fullchain.pem
** DRY RUN: simulating ācertbot renewā close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/hydrophase.com/fullchain.pem (success)
** DRY RUN: simulating ācertbot renewā close to cert expiry
** (The test certificates above have not been saved.)
Help, please? I think I have the TNS-SNI-01 validation issue solved (please see post directly above), but I would really appreciate a brief confirmation of this by anyone with knowledge, please. Thanks much!
Idiot question here, but would I do that with certbot as I did originally? Will the new certificate overwrite the old one? or do I need to revoke or delete it first?