Jaypoc dotCom
  • Home
  • About Jaypoc
    • About Jaypoc
    • Geocaching
    • Magic and Illusion
    • Photography
  • My Videos
  • Live Web-Cam
  • Contact Me

Let’s Encrypt SSL Certificate Does Not Auto-Renew via Certbot

Posted on October 26, 2016 by jaypoc

Thanks to the Linux Foundation and groups such as the EFF, Free SSL certificates are now available and are easy to issue and deploy on your websites. The catch is that they’re only valid for 90 days, but utilities exist to manage and renew the certificates for you. If you don’t use SSL on your website, I encourage you to check out the Let’s Encrypt and Certbot websites for more information.

When I went to my site this afternoon, it showed an error stating my SSL certificate had expired. I recently (90 days ago) configured Certbot (https://certbot.eff.org/) through a cron-job to renew my certificates regularly so they don’t expire. But they did!

In case anybody else comes up with this issue, I’ve explained why it happened and my solution below.

Certbot Website

Certbot Website

Running Certbot’s renew command from a bash shell looked as follows:

server:~$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/jaypoc.com.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/jaypoc.com/fullchain.pem (skipped)
No renewals were attempted.
server:~$

After some investigating, I found out that Certbot had actually successfully renewed my certificates, but my web server (Nginx) was still serving the old certificate. A simple reload of the web server and my site began serving up the valid certificate. I don’t know if Apache or other web servers would automatically detect the change and serve up the correct SSL certificate file, but if not, make sure they’re configured to refresh them upon change.

Resources:

  • Let’s Encrypt – https://letsencrypt.org
  • Certbot – https://certbot.eff.org
Posted in Technology | Tags: Certbot, HTTPS, Let's Encrypt, SSL |
« Photographing Cosplayers
Ronald McDonald, More than just fast food. »

Leave a comment Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Categories

  • Food
  • Humor
  • Magic and Illusion
  • News
  • Personal
  • Photography
  • Reviews
  • Technology
  • Uncategorized

Recent Posts

  • Adding patterns (.pat) in Photoshop 21.0.3
  • Ronald McDonald, More than just fast food.
  • Let’s Encrypt SSL Certificate Does Not Auto-Renew via Certbot
  • Photographing Cosplayers
  • How To Send Large Files To Clients

Recent Comments

  • jaypoc on Canon D60 at PPE
  • Jaypoc on Canon D60 at PPE
  • Jaypoc on Photographing Cosplayers
  • ActionVance on Photographing Cosplayers
  • joe on How To Send Large Files To Clients

Categories

Archives

CyberChimps WordPress Themes

Copyright © 1998-2019 Jason Bauman. All rights reserved.