php55w-common conflicts with php-common-5.* | Php issues while installing libraries
I was trying to install mongo extension with pecl. It gave me error: Then, I…
How to Renew Lets Encrypt SSL Certificate
July 04, 2018
Introduction to problem
This post is applicable for those who has already an SSL certificate from Lets Encrypt. And, wants to renew them.
Some Old Reference to Lets Encrypt commands
For previous posts about Lets Encrypt. See:
- Lets Encrypt Issues while updating or renewing
- Renew Issues when using Cloudflare
- Lets Encrypt useful commands
To know Certificate Expiry date
There may be a chance that you are running multiple websites from a server. You must be having an utility installed called: certbot. To get expiry date of each websites on your server, run:
sudo certbot certificatesIt will list down all the certificates list and their expiry date. Sample output:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
Certificate Name: abcdef.com
Domains: abcdef.com www.abcdef.com
Expiry Date: 2018-07-22 01:30:26+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/abcdef.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/abcdef.com/privkey.pem
Certificate Name: abcdefgh.com
Domains: abcdefgh.com www.abcdefgh.com
Expiry Date: 2019-03-07 08:02:01+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/abcdefgh.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/abcdefgh.com/privkey.pem
Certificate Name: abcdefghij.com
Domains: abcdefghij.com www.abcdefghij.com
Expiry Date: 2019-03-07 08:03:10+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/abcdefghij.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/abcdefghij.com/privkey.pem
Certificate Name: abcdefghijkl.com
Domains: abcdefghijkl.com www.abcdefghijkl.com
Expiry Date: 2019-01-06 01:30:19+00:00 (VALID: 29 days)
Certificate Path: /etc/letsencrypt/live/abcdefghijkl.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/abcdefghijkl.com/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Renew a Certificate
Run command:
sudo certbot certonly -d <your-website>.com -d www.<your-website>.comNote: I’m asking for both www and non-www version of certificate.
it will then ask for ways to authenticate:
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)Simply type 2 and press Enter. It will then ask for webroot, where your index.html or index.php resides. After typing, it will confirm, and start processing your request.
If everything goes fine, following is the output:
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/xyz.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/xyz.com/privkey.pem
Your cert will expire on 2019-03-07. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-leAnd, now if you run:
sudo certbot certificatesYou can see the updated expiry date.
Caution while renew SSL certificate
If by any chance, your request failed. You should change your command to:
sudo certbot certonly -d <your-website>.com -d www.<your-website>.com --dry-runIn case, you keeps on retrying. Lets encrypt has a quota of requests that it takes from a client. It will block you for the day or more. And, you will only request after that time limit. What this option does is it will test your configuration, and if everything goes fine, it will just display message: Success. It will not replace your new certificates.
But, this surely helps identifying errors. You should also look at the log file it generates. In the output message on console, it display the logfile path.
Hope you find this post useful.
Similar Posts
Common used Elastic Search queries
Listing down the commonly used Elastic Search queries. You can get search…
How to Install packages from command line and Dockerfile with Chocolatey
Introduction We will introduce a Package Manager for Windows: . In automations…
How to upload files on AWS S3 by using curl, without having command line aws or other tool
Introduction There were few files that I need to take backup from a machine that…
Drupal 8 - How to create a Page with admin access and create its menu entry in Reports (No Coding)
Introduction I needed a report page, where I wanted to have some information…
Understanding and Solving pylint errors for Python 3
Pylint is an excellent tool to have good quality code. This post is not about…
Latest Posts
Python SMTP Email Code - How to Send HTML Email from Python Code with Authentication at SMTP Server
Introduction This post has the complete code to send email through smtp server…
Python SMTP Email Code - Sender Address Rejected - Not Owned By User
Introduction In a normal email sending code from python, I’m getting following…
Nodejs with MongoDB - Number of Opened Connections Keep on Increasing with Mongoose Library
Introduction In one of my app, I was using to talk to . I have used some event…
Django Python - How to Build Docker Image and Run Web-service on Apache with Python 3.9
Introduction So you have a Django project, and want to run it using docker image…
Python - How to Maintain Quality Build Process Using Pylint and Unittest Coverage With Minimum Threshold Values
Introduction It is very important to introduce few process so that your code and…
Example Jenkin Groovy Pipeline Script for Building Python Projects with Git Events and Push to Artifactory
Introduction In this post, we will see a sample Jenkin Pipeline Groovy script…