Unable to update certificate for port 8443

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: firstcreekmdp.com

I ran this command:

It produced this output:

My web server is (include version): Apache/2.4.29 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 18.04.3 LTS

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Certbot 0.31.0

I am trying to update my certbot certificate. For the most part it is working: firstcreekmdp.com is fine. However, the certificate does not appear to be updating for firstcreekmdp.com:8443. Any help on how to update the certificate for this port would be greatly appreciated.

Thanks,
Andy

Please show the output of:
certbot certificates

And the complete command line used with:

It looks like Apache on port 443 is OK (new cert issued today).
But (???) on port 8443 has not been updated to use the new cert.
[it is either on another server, or another service - not same Apache]

Tomcat is accessing port 8443:

Did you restart Tomcat after updating this certificate? I don’t think Tomcat would proactively look for changes to the file on disk.

Thanks for the help, that was it.

Hi @andy.cross

Happy to read you have found the solution. I saw your check last night; the port 443 certificate was renewed.

But the extra port 8443 used the old, now revoked certificate.

Such a configuration (same certificate with different ports) may need some additional actions.

If there is a simple “restart/reload” command for Tomcat, you might want to include it as a Post-Validation-hook.

For me, restarting Tomcat was going to /opt/tomcat/bin/ and running ./shutdown.sh, then running ./startup.sh. These have to be run as root (sudo -i).

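The hook suggestion and the Tomcat restart commands from the posts above, combined into a certbot deploy hook. This is an added example, not code from any poster in the thread; the hook file name, the STOP_WAIT delay and the function names are assumptions. It also assumes Tomcat reads the certificate files that certbot renews, as the fix above implies.

```shell
#!/bin/sh
# Certbot deploy hook: restart Tomcat when its certificate was renewed.
# Assumed location: /etc/letsencrypt/renewal-hooks/deploy/restart-tomcat.sh
TOMCAT_BIN="${TOMCAT_BIN:-/opt/tomcat/bin}"           # path given in the thread
TARGET_DOMAIN="${TARGET_DOMAIN:-firstcreekmdp.com}"   # domain from the thread
STOP_WAIT="${STOP_WAIT:-5}"                           # seconds to let Tomcat stop (assumed)

# True if domain $1 appears in the space-separated list $2.
# Certbot passes the renewed names to deploy hooks in RENEWED_DOMAINS.
domain_renewed() {
    case " $2 " in
        *" $1 "*) return 0 ;;
    esac
    return 1
}

# Stop and start Tomcat using the scripts in directory $1 (must run as root).
restart_tomcat() {
    [ -x "$1/shutdown.sh" ] && [ -x "$1/startup.sh" ] || return 2
    "$1/shutdown.sh" || true   # shutdown.sh can fail if Tomcat is already stopped; start it anyway
    sleep "$STOP_WAIT"
    "$1/startup.sh"
}

# True if host $1 on port $2 serves the same certificate as PEM file $3.
served_matches_disk() {
    served=$(openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256 2>/dev/null)
    ondisk=$(openssl x509 -in "$3" -noout -fingerprint -sha256 2>/dev/null)
    [ -n "$served" ] && [ "$served" = "$ondisk" ]
}

# Hook entry point: RENEWED_DOMAINS is set only after a successful renewal,
# so running this file by hand without it does nothing.
if domain_renewed "$TARGET_DOMAIN" "${RENEWED_DOMAINS:-}"; then
    restart_tomcat "$TOMCAT_BIN"
fi
```

Once Tomcat has finished starting, `served_matches_disk firstcreekmdp.com 8443 "$RENEWED_LINEAGE/cert.pem"` reports whether port 8443 has picked up the renewed certificate.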

Hi Juergen, is it tricky to set up multiple certificates on the same server? I’m pretty new to managing websites, so some of the subtleties are lost on me.

No. You have multiple vHosts (port 80 and port 443); every port 443 vHost can use its own certificate.
