Vultr - 1-click WordPress SSL Auto Renewal


#1

I want to use Vultr - one-click WordPress Application for my site - https://www.techprevue.com
I have installed a test website and installed ssl through Vultr docs - https://www.vultr.com/docs/install-lets-encrypt-ssl-on-one-click-wordpress-app

SSL over test site has been installed successfully and I have tried certbot renew dry run (certbot renew --dry-run) that is working properly.

But how can I be assure Let’s Encrypt ceritificate will be auto-renewed on time?

Please help!


#2

edit /etc/letsencrypt/reneal/yourdomain.conf and add
renew_before_expiry = 90 days
and run certbot renew (without --dry-run ) and see if webserver uses new cert.
and remove renew_before_expiry back


#3

Thanks I will check it shortly and let you know. Thanks for kind consideration.


#4

It said no such directory exists

I also tried renewal instead of reneal


#5

Do you have an /etc/letsencrypt directory?

(It should indeed be /etc/letsencrypt/renewal rather than reneal.)


#6

I am new to vultr. I need to check.

If not what to do. Please let me know the steps.


#7

Yes, both directories exist. What should I do now?

In domain.conf these lines found…

# renew_before_expiry = 30 days
version = 0.31.0
archive_dir = /etc/letsencrypt/archive/domain
cert = /etc/letsencrypt/live/domain/cert.pem
privkey = /etc/letsencrypt/live/domain/privkey.pem
chain = /etc/letsencrypt/live/domain/chain.pem
fullchain = /etc/letsencrypt/live/domain/fullchain.pem
 
# Options used in the renewal process
 [renewalparams]
account = 52***********************************************
installer = nginx
server = https://acme-v02.api.letsencrypt.org/directory
authenticator = nginx

#8

Need help. No body here to answer me.


#9

Hi @vinayprajapati

your site has a Comodo certificate ( https://check-your-website.server-daten.de/?q=techprevue.com ):

CN=techprevue.com, OU=PositiveSSL, OU=Domain Control Validated
	15.03.2017
	15.03.2020
expires in 358 days	techprevue.com, www.techprevue.com - 2 entries

You have a lot of Letsencrypt certificates with subdomains, but not with your main domain. Check the list of your Certificate-Log - entries ( https://check-your-website.server-daten.de/?q=techprevue.com#ct-logs ).

So first complete the tutorial to create a new certificate and install it.

Certbot should create a job to do that. But that doesn’t work if you use only --dry-run.


#10

I have not yet installed letsencrypt ssl on www.techprevue.com. I m moving this site to vultr and need to setup auto renewal so set up a demo site to check the auto renewal process before migration.

I have completed most of the steps given in various tutorials but how to check if auto renewal will be done before time or not.


#11

That’s not required.

If you can create a new certificate, renew works too.

“Renew” creates a new certificate and uses the same parameters of the last certificate.

So this isn’t a problem.

“Renew” doesn’t mean: “Change the current certificate”.


#12

Sir, do you mean, it will be auto renewed?


#13

I don’t know, I do not know what you have installed. You have a lot of Letsencrypt certificates ( https://check-your-website.server-daten.de/?q=techprevue.com )

Last Certificates - Certificate Transparency Log Check (BETA)

CRT-Id Issuer not before not after Domain names LE-Duplicate next LE
1200271241 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-02-13 12:59:26 2019-05-14 11:59:26 demo.techprevue.com no duplicate
1198592920 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-02-12 15:41:29 2019-05-13 14:41:29 hi.techprevue.com, www.hi.techprevue.com no duplicate
1029960076 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-12-14 21:34:53 2019-03-14 21:34:53 demo.techprevue.com no duplicate
1026978162 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-12-13 15:48:43 2019-03-13 15:48:43 hi.techprevue.com, www.hi.techprevue.com no duplicate
862956002 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-10-15 04:56:03 2019-01-13 05:56:03 demo.techprevue.com no duplicate
857498857 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-10-13 14:31:58 2019-01-11 15:31:58 hi.techprevue.com, www.hi.techprevue.com no duplicate
744634451 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-08-15 13:23:04 2018-11-13 14:23:04 demo.techprevue.com no duplicate
755560717 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-08-13 13:46:08 2018-11-11 14:46:08 hi.techprevue.com, www.hi.techprevue.com no duplicate
538744046 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-06-15 21:58:35 2018-09-13 21:58:35 demo.techprevue.com no duplicate
525399525 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-06-13 05:55:25 2018-09-11 05:55:25 hi.techprevue.com, www.hi.techprevue.com no duplicate
407039836 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-04-16 06:20:49 2018-07-15 06:20:49 demo.techprevue.com no duplicate
330845524 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2018-02-14 15:46:49 2018-05-15 14:46:49 demo.techprevue.com no duplicate

And you have always 30 days to check that and to renew the certificate manual.

So start to use it.