Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: dinpsykolog.se (landing site in Digital Ocean, services in GCP on 4 subdomains)
I ran this command: -
It produced this output: -
My web server is (include version): -
The operating system my web server runs on is (include version): -
My hosting provider, if applicable, is: GCP
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 0.31.0
This problem is not related to much of the above questions, as I got things to work, but I'm still confused regarding where the cert is stored.
Short background: I'm using Traefik (reverse proxy and load balancer) and hosting it in kubernetes (using docker) in GCP. I have a number of web apps also hosted there using 4 subdomains. Sounds unrelated but I have a landing site (Wordpress) in a Digital Ocean droplet. The related part of the traefik (GCP) config is:
certificatesresolvers.myresolver.acme.dnschallenge=true
certificatesresolvers.myresolver.acme.dnschallenge.provider=digitalocean
certificatesresolvers.myresolver.acme.storage=/ssl/acme/acme-prod.json
My question is: Where is /ssl/acme/acme-prod.json stored?
I don't find it in source code, not in GCP and not in the Digital Ocean (DO) droplet instance.
Good to know: The renewing didn't work until yesterday, when I noticed errors in the GCP logs that it couldn't authenticate to DO, then I created a new token (DO_AUTH_TOKEN) there and updated the corresponding env variable in GCP and domains started renewing correctly. I did ask DO about this already but they didn't know and suggested to ask elsewhere.
Any clues?
Thanks in advance
Magnus