Unable to get https cert after updating certbot for another domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:nextcloud.gibgeeks.com

I ran this command:Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 2
Attempting to parse the version 2.6.0 renewal configuration file found at /etc/letsencrypt/renewal/nextcloud.gibgeeks.com.conf with version 1.21.0 of Certbot. This might not work.
Are you trying to change the key type of the certificate named nextcloud.gibgeeks.com from ECDSA to RSA? Please provide both --cert-name and --key-type on the command line to confirm the change you are trying to make.

It produced this output:

My web server is (include version): ubuntu 22.04

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: homeserver

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): bluehost

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): was certbot classic

Certbot says you already have a certificate for your nextcloud.gibgeeks.com domain.

What are you trying to do?

3 Likes

I originaly set up nextcloud this morning and had https cert with domain nextcloud.gibgeeks.com running then I attempted to get a cert for another domain on same ubuntu 22.04 host of the nextcloud server. I ended up with only http on nextcloud.gibgeeks.com and unable to get the cert for gibgeeks.com.

I think i have installed 2 different versions of certbox?

Having 2 versions of Certbot isn't the end of the world. At least, it's not the cause of your problems right now. You should uninstall the non-snap version, though.

It looks like you have working SSL certificates for both of your domains right now. It seems fine when I visit. Is something not working for you?

4 Likes

Yes, when I use my phone on data for both domains https works, but inside the network ie on a 192.168.x.x network the truecloud.gibgeeks.com is http only. I had to add the domain IP to trusted sites to get nextclout to work.

the domain gibgeeks.com has the certificate for the moment but will not auto renew so i wanted them both to renew from ubuntu-nextcloud. Should I just uninstall the non snap version? is classic certbot non snap?

Please show:
certbot certificates

And the actual command you ran.

Do:
apt remove certbot

3 Likes

I can uninstall certbot as requested, but am unsure how to show certbot certificates

Type:
certbot certificates
then press [enter]

LOL

3 Likes

Thanks, its easy when you know how! Info is below, I will ununstall certbot as requested shortly.
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Found the following certs:
Certificate Name: nextcloud.gibgeeks.com
Serial Number: 312e15edb49c002a6274c21a32ba178f7f5
Key Type: ECDSA
Domains: nextcloud.gibgeeks.com
Expiry Date: 2023-08-28 08:59:56+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/nextcloud.gibgeeks.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/nextcloud.gibgeeks.com/privkey.pem

1 Like

Certbot removed

Ok, just to tripple check...
What shows?:
certbot --version

3 Likes

extcloud@nextclouud:~$ certbot --version
bash: /usr/bin/certbot: No such file or directory
nextcloud@nextclouud:~$ sudo certbot --version
[sudo] password for nextcloud:
certbot 2.6.0
nextcloud@nextclouud:~$

1 Like

OK, that's good!

Now try:
sudo certbot renew --dry-run

2 Likes

Result is below
nextcloud@nextclouud:~$ sudo certbot renew --dry-run
[sudo] password for nextcloud:
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/nextcloud.gibgeeks.com.conf


Account registered.
Simulating renewal of an existing certificate for nextcloud.gibgeeks.com


Congratulations, all simulated renewals succeeded:
/etc/letsencrypt/live/nextcloud.gibgeeks.com/fullchain.pem (success)

2 Likes

Then you are all good to go!

4 Likes

does that mean i can run it again and it will work properly on my internal network?

What do you mean by?:

It ran fine.
Are you going to run it somewhere else?

4 Likes

Its ok, thankyou and cheers

4 Likes

Cheers from Miami :beers:

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.