Renewing Let’s Encrypt SSL certificate
The other day I have received an email from the Let’s Encrypt Expiry Bot stating that my SSL certificate for the domain name lucaslouca.com is about to expire.
In this post I have extensively described how to setup a WordPress blog on an EC2 instance along with a Let’s Encrypt SSL certificate.
Since I don’t want my visitors to encounter any errors when visiting my site I had to renew my SSL certificate. Here are the commands I used to renew my certificate:
Before I run letsencrypt, I temporarily disabled /var/www/html/.htaccess:
|
1 2 |
# mv /var/www/html/.htaccess /var/www/html/.htaccess_ |
Run the letsencrypt command:
|
1 2 |
# /usr/local/letsencrypt/letsencrypt-auto renew --force-renew |
with output:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
Requesting root privileges to run certbot... /home/ec2-user/.local/share/letsencrypt/bin/letsencrypt renew --force-renew Saving debug log to /var/log/letsencrypt/letsencrypt.log ------------------------------------------------------------------------------- Processing /etc/letsencrypt/renewal/lucaslouca.com.conf ------------------------------------------------------------------------------- Renewing an existing certificate Performing the following challenges: http-01 challenge for lucaslouca.com Waiting for verification... Cleaning up challenges ------------------------------------------------------------------------------- new certificate deployed without reload, fullchain is /etc/letsencrypt/live/lucaslouca.com/fullchain.pem ------------------------------------------------------------------------------- Congratulations, all renewals succeeded. The following certs have been renewed: /etc/letsencrypt/live/lucaslouca.com/fullchain.pem (success) |
Enabled /var/www/html/.htaccess again:
|
1 2 |
# mv /var/www/html/.htaccess_ /var/www/html/.htaccess |
Finally, go ahead and restart your web server:
|
1 2 |
# service httpd restart |
UPDATE
In case the above method does not work anymore, please try:
|
1 2 3 4 5 6 7 8 |
# sudo su - # mv /var/www/html/.htaccess /var/www/html/.htaccess_ # rm -rf /opt/eff.org/* # pip install -U certbot # certbot renew --debug # mv /var/www/html/.htaccess_ /var/www/html/.htaccess # service httpd restart |
Or use the following commands to create new ones
|
1 2 |
# certbot certonly -d fizzbuzzer.com -d www.fizzbuzzer.com -d fullbeef.com -d www.fullbeef.com -d www.econometrics.io -d econometrics.io |