How to renew letsencrypt ssl certificate in cent os aws ec2 ?

Articles
How to renew letsencrypt ssl certificate in cent os aws ec2 ?

How to renew letsencrypt ssl certificate in cent os aws ec2 ?

Find the letsencrypt path

Please go to the folder where you already installed letsencrypt (first time),

path may be, (in our case it was -> /letsencrypt/letsencrypt)

/etc/letsencrypt

(or)

/letsencrypt/letsencrypt

(or) Renew using certbot directly from any path,

certbot renew
(or)
certbot renew --force-renewal

Inside that You can find a file called letsencrypt-auto.

Run this command to renew your existing letsencrypt certificate from this folder letsencrypt-auto:
sudo ./letsencrypt-auto renew

AWS EC2: Run this command to renew your existing letsencrypt certificate from this folder letsencrypt-auto

sudo ./letsencrypt-auto renew --debug

Could not find letsencrypt-auto folder ?

In my case it is found in /letsencrypt/letsencrypt path

You can also use this below find command to search letsencrypt folder:

find / -name “letsencrypt”

here / tells to search from the main directory with the name “letsencrypt”, you will get the search results something like this if it is found in your system,

/letsencrypt
/letsencrypt/letsencrypt
/var/lib/letsencrypt
/var/log/letsencrypt
/etc/letsencrypt
/opt/eff.org/certbot/venv/bin/letsencrypt
/opt/eff.org/certbot/venv/lib/python2.7/site-packages/letsencrypt

Still not able to find it ?

Then either letsencrypt is not installed / configured properly, or it could have been corrupted. Please follow this link to install properly again.

Note:

Make sure to stop your nginx/apache servers, if you are running any background processes like pm2/forever, then please stop those things as well to renew the ssl letsencrypt certificates without any issue.

If you using nginx and node files (say angular applications) then run the below command with the correct path for proper ssl renewal:

./letsencrypt-auto certonly --webroot -w /usr/share/nginx/html -d saveji.com -d www.saveji.com

Then start nginx/apache/pm2/forever whichever you stopped then check the date of the certificate.

You will get the success message similar to this:

Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/YOURDOMAIN.COM-0001/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/YOURDOMAIN.COM-0001/privkey.pem
Your cert will expire on 2019-02-11. To obtain a new or tweaked
version of this certificate in the future, simply run
letsencrypt-auto again. To non-interactively renew *all* of your
certificates, run “letsencrypt-auto renew”
– If you like Certbot, please consider supporting our work by:

Note: I tried around 15 days before it expires, in that case it did not renew my existing certificate, it just created the new certificate starting from today to 90 days. Please give the correct folder name in nginx ssl configurations, if similar case happened to you guys as well.

Other useful links:

Letencrypt certificate installation on AWS EC2

Certbot renew with –debug

Upgraded cert-auto created issues ?

I recently upgraded to the latest cert-auto so that created lot of below excceptions,

Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 2, in <module>
    from certbot._internal import main as internal_main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/_internal/main.py", line 10, in <module>
    import josepy as jose
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/__init__.py", line 44, in <module>
    from josepy.interfaces import JSONDeSerializable
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py", line 7, in <module>
    from josepy import errors, util
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py", line 7, in <module>
    import OpenSSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import crypto, SSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/crypto.py", line 12, in <module>
    from cryptography import x509
ImportError: No module named cryptography
[root@ip-172-31-2-155 letsencrypt]# File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
bash: syntax error near unexpected token `newline'
And fixed the issue by following this steps:
https://stackoverflow.com/questions/59832771/letsencrypt-failed-with-importerror-no-module-named-proxy

Hire Me:

Still facing any issues ? you can hire me to fix it/setup it. Please drop an email to mirthbees@gmail.com to start a conversation.

Leave a comment

Leave a Reply