Letsencrypt certificates not updating

S

Strator

Verified User
Joined
Jan 19, 2011
Messages
253
Hi guys,

Letsencrypt certificates for one of my user accounts are not renewing (all domains under this user are affected but not any other user accounts). Although it looks fine in directadmin and tells me that the certificates expire in June. But in any browser or SSL test I'm told that the certificates have expired three days ago.

I tried to reset to the default server certificates, but although directadmin claims it's been done, it seems to have no real-world effect.

Any ideas what might be going on? I'm really lost at the moment. Thanks!
 
did you issued an manual certficate request ? this helped me in the past
 
Strator said:
Any ideas what might be going on? I'm really lost at the moment. Thanks!
Click to expand...
Before you create 100 certificates which might not be needed, refresh browser cache. Also just to be sure use this site:

crt.sh | Certificate Search

Free CT Log Certificate Search Tool from Sectigo (formerly Comodo CA)
crt.sh
give in the domain and you will see all dates certificates are made.
So if DA says you got a certificate which is valid until June, you should be able to verify that on this site, and then something else is going on which causes the issue you're having.
 
Interesting tool. So crt.sh confirms that a valid certificate was created. But it seems like it's not being presented to the outside world.

- I noticed that there's a problem when my RSS reader (which connects from my mobile via http login) stopped working.
- Browser cache deletion doesn't help (plus, I've tried half a dozen browsers on three different devices).
- Tests at https://www.ssllabs.com/ssltest/ and thesslstore.com also can't find the current certificate and tell me that my certificate has expired several days ago.

How would I issue a manual certificate request?
 
UPDATE: Actually I have this problem on the entire server now, not just one user account. Odd - I thought I had tested other domains and they were still working.
 
So it seems I've been barking up the wrong tree. Nginx was hanging in a state of "still could not bind" so it didn't pick up the new certificates.

Doesn't explain why nginx is having issues, but at least I don't have to keep wondering about letsencrypt. Thanks for the input, which did help me look in the right direction.
 
Strator said:
- Tests at https://www.ssllabs.com/ssltest/ and thesslstore.com also can't find the current certificate and tell me that my certificate has expired several days ago.
Click to expand...
Since crt.sh is confirming the certificate is made but ssllabs points out it's not seen, creation is fine, server must have issue indeed.

As for why Nginx was causing this issue, makes me a bit curious, unfortunately I don't work with nGinx.

But thank you for reporting back, I might be able to help someone with a similar issue in the future.
 
I'm pretty sure I already know what it is...

Memory leak issues with modsecurity + nginx

Hi, I've been having issues with modsecurity and nginx for at least half a year now. To my knowledge, there's a memory leak in modsecurity versions
forum.directadmin.com forum.directadmin.com

Help needed troubleshooting/fixing memory loss issue

Hi all, I am having a problem that's been bugging me for almost a year now. The main symptoms are: - I get alerted that my websites are down. - I check in to see that my server is suffering from memory loss. - I go and restart nginx - problem solved. - After a few weeks, I have the same problem...
forum.directadmin.com forum.directadmin.com

More of the same of an unsolved Nginx problem I've had forever. I was so happy that it finally went away, but it seems it just didn't come up for a while because Nginx wasn't properly running in the first place.
 
You must log in or register to reply here.
Back
Top