Website is down because ssl is expired

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: spnone.no

I ran this command: certbot renew

It produced this output: ssl didn’t get renewed

My web server is (include version): nginx 1.18.0

The operating system my web server runs on is (include version): centos 7

My hosting provider, if applicable, is: ovh.com

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.3.0

1 Like

Four new certificates were issued today; two of them include the www subdomain and two do not.

https://crt.sh/?q=spnone.no

https://spnone.no/ and https://www.spnone.no/ are both using one of the new certificates without www – so the former works, and visiting the latter results in a certificate mismatch error.

What does “sudo certbot certificates” output?

1 Like

Found the following certs:
Certificate Name: demo1.norwaysites.no
Domains: demo1.norwaysites.no
Expiry Date: 2020-08-16 12:34:09+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/demo1.norwaysites.no/fullchain.pem
Private Key Path: /etc/letsencrypt/live/demo1.norwaysites.no/privkey.pem
Certificate Name: norwaysites.no
Domains: norwaysites.no spnone.no www.norwaysites.no www.spnone.no
Expiry Date: 2020-08-16 12:31:56+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/norwaysites.no/fullchain.pem
Private Key Path: /etc/letsencrypt/live/norwaysites.no/privkey.pem
Certificate Name: rumblepvp.com
Domains: rumblepvp.com www.rumblepvp.com
Expiry Date: 2020-08-16 11:28:27+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/rumblepvp.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/rumblepvp.com/privkey.pem
Certificate Name: sickopvp.com
Domains: sickopvp.com www.sickopvp.com
Expiry Date: 2020-08-16 11:28:40+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/sickopvp.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/sickopvp.com/privkey.pem
Certificate Name: spnone.no-0001
Domains: spnone.no
Expiry Date: 2020-08-16 12:34:50+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/spnone.no-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/spnone.no-0001/privkey.pem
Certificate Name: spnone.no
Domains: spnone.no www.spnone.no
Expiry Date: 2020-08-16 11:28:49+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/spnone.no/fullchain.pem
Private Key Path: /etc/letsencrypt/live/spnone.no/privkey.pem

1 Like

I would delete this cert:

And use this one instead:

You can do that with:
certbot delete --cert-name spnone.no-0001
First be sure you aren’t using that cert anywhere.
Which it seems you are:
https://www.ssllabs.com/ssltest/analyze.html?d=spnone.no

1 Like

The website is down because:

Error establishing a database connection

wget https://spnone.no/
--2020-05-18 17:01:55--  https://spnone.no/
Resolving spnone.no (spnone.no)... 54.38.78.56
Connecting to spnone.no (spnone.no)|54.38.78.56|:443... connected.
HTTP request sent, awaiting response... 500 Internal Server Error
2020-05-18 17:01:56 ERROR 500: Internal Server Error.
1 Like

The sites are still down.

I did certbot renew

And got the following:
The following certs are not due for renewal yet:
/etc/letsencrypt/live/demo1.norwaysites.no/fullchain.pem expires on 2020-08-16 (skipped)
/etc/letsencrypt/live/norwaysites.no/fullchain.pem expires on 2020-08-16 (skipped)
/etc/letsencrypt/live/rumblepvp.com/fullchain.pem expires on 2020-08-16 (skipped)
/etc/letsencrypt/live/sickopvp.com/fullchain.pem expires on 2020-08-16 (skipped)
/etc/letsencrypt/live/spnone.no/fullchain.pem expires on 2020-08-16 (skipped)
No renewals were attempted.

1 Like

Which sites are down? Do any of them have problems with their certificates, or do they have problems with other things?

1 Like

Spnone.no and Norwaysites.no.

I assume these two websites went offline because the SSL expired today. The sites were running fine yesterday for example. I have problems renewing the certificates.

I get the following when I do certbot renew:

/etc/letsencrypt/live/spnone.no/fullchain.pem expires on 2020-08-16 (skipped)
No renewals were attempted.

1 Like

Hi @sickom0de

that domain

isn’t down - https://check-your-website.server-daten.de/?q=norwaysites.no

There is a new Letsencrypt certificate

CN=norwaysites.no
	18.05.2020
	16.08.2020
expires in 90 days	norwaysites.no, spnone.no, 
www.norwaysites.no, www.spnone.no - 4 entries

and both connections (www and non-www) use that certificate.

There is a problem - http status 500 - Server Error:

Error establishing a database connection

So your site doesn’t work.

But that’s not a certificate problem.

PS:

I have problems renewing the certificates.

You have renewed and installed the certificate. Fix your database problem.

1 Like

But that’s not a certificate problem.
Any idea how I fix this? I have tried restarting the MySql database, etc.
The error message says:

Error establishing a database connection

1 Like

I restarted the VPS. Now the site went offline. I did the command

systemctl restart nginx

and got the following
● nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2020-05-18 21:25:03 CEST; 10s ago
Docs: http://nginx.org/en/docs/
Process: 10803 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)

May 18 21:25:03 vps785737.ovh.net systemd[1]: Starting nginx - high performa…
May 18 21:25:03 vps785737.ovh.net nginx[10803]: nginx: [emerg] cannot load ce…
May 18 21:25:03 vps785737.ovh.net systemd[1]: nginx.service: control process…1
May 18 21:25:03 vps785737.ovh.net systemd[1]: Failed to start nginx - high p…
May 18 21:25:03 vps785737.ovh.net systemd[1]: Unit nginx.service entered fai…
May 18 21:25:03 vps785737.ovh.net systemd[1]: nginx.service failed.
Hint: Some lines were ellipsized, use -l to show in full.

nginx -t gives me:

[root@vps785737 ~]# nginx -t

nginx: [emerg] cannot load certificate “/etc/letsencrypt/live/spnone.no-0001/fullchain.pem”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’/etc/letsencrypt/live/spnone.no-0001/fullchain.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)

nginx: configuration file /etc/nginx/nginx.conf test failed

1 Like

Update: I managed to fix the problem.

I followed this guide: https://certbot.eff.org/lets-encrypt/centosrhel7-nginx

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.