Tried renew certificate which expires about 5 days

I have ran this command

I have access machine console and dns. I have typed acme keys right.

./acme.sh --issue --dns -d xxxxx -d xxxxx --yes-I-know-dns-manual-mode-enough-go-ahead-please --renew

I got pretty much same certificate which is expiring.

    Issuer: C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
    Validity
        Not Before: Jan 14 00:00:00 2022 GMT
        Not After : Apr 14 23:59:59 2022 GMT

Before I have renew certs and got new one which isnt expiring few days.

What may be a problem ?

First of all, that's not a Let's Encrypt certificate.

Second, i don't think you're supposed to use --issue and --renew together.

2 Likes

Worked same way without --issue parameter.

    Validity
        Not Before: Jan 14 00:00:00 2022 GMT
        Not After : Apr 14 23:59:59 2022 GM

I am pretty sure that command has worked before because its same in bash history.

I would've removed --renew while keeping --issue

Manual mode is usually not that intuitive. (You should check acme.sh documentation, but at least for Certbot, it just doesn't renew: it explicitly gets a new certificate.)

You should not use manual mode if you have alternatives.

1 Like

The first problem is that you aren't using Let's Encrypt services or software, so you should really be seeking support somewhere else--this community isn't the support forum for acme.sh, nor for ZeroSSL. If you want to get a Let's Encrypt cert using acme.sh, you need to explicitly tell it to use that CA.

The second problem is that you've given us literally nothing to work with--none of the output of the command you ran (and I'd agree that --issue and --renew wouldn't ordinarily be used together), nor what you did to get the information you posted regarding the certificate's validity time, nor the domain name for any of us to have any idea what's going on.

But if I had to make a wild guess, it would be that you've issued a perfectly valid new cert (and possibly two of them), but you haven't restarted the service that's using that cert in order for it to recognize that you have a new cert.

5 Likes

Maybe problem is in zerossl site. Renew never worked. I got old certificate when using acme.sh.
Solution:

I created a new account and recreate certificate then it worked.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.