Unable to access https despite having valid certificates

Derrick250 · February 2, 2020, 8:26am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: kobocollect.com

I ran this command: certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns -d ‘*.kobocollect.com’ -d kobocollect.com

It produced this output:
Paraphrased: "Congratulations, your certificates have been autorenewed and are at a (certain location).
However, I’m unable to use get to the website using https as it is still using my previous certificates.
It has been 2 hours and I’d like to know if there’s anything else I need to do to get the website running on https

My web server is (include version): nginx

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

JuergenAuer · February 2, 2020, 8:52am

Hi @Derrick250

you use certonly, so your server isn't restartet and your configuration isn't changed.

Checking your configuration - https://check-your-website.server-daten.de/?q=kobocollect.com#ct-logs

Issuer	not before	not after	Domain names	LE-Duplicate	next LE
Let's Encrypt Authority X3	2020-02-02	2020-05-02	*.kobocollect.com, kobocollect.com - 2 entries	duplicate nr. 2
Let's Encrypt Authority X3	2020-02-02	2020-05-02	*.kobocollect.com, kobocollect.com - 2 entries	duplicate nr. 1

You have created two identical certificates, that has worked.

But you use a certificate with another set of domain names:

CN=kf.kobocollect.com
	03.11.2019
	01.02.2020
1 days expired	
ee.kobocollect.com, kc.kobocollect.com, kf.kobocollect.com - 3 entries

So a simple restart of your server may not work.

You have to change the file names manual in your nginx server block.

Derrick250 · February 2, 2020, 9:29am

Hi Juergen,

Thank you for this. It’s insightful. how would I go about changing the filenames? My nginx is running inside a docker container

JuergenAuer · February 2, 2020, 9:52am

certbot certificates

should show the new certificate.

nginx -T

the place you have to change.

Derrick250 · February 2, 2020, 9:58am

Should this also work if the nginx is running inside a docker container?

JuergenAuer · February 2, 2020, 10:05am

I don’t know, I’m not firm with docker.

But if you use docker, you should know what you have to do.

system · March 3, 2020, 10:05am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.