Single SSL Certificate will not renew

Hi, my MIAB is running 0.46 and has been problem free until now. My main SSL certificate from letsencrypt would not renew and has now expired with the following error:
Certificate has a problem: The certificate has expired or is not yet valid. It is valid from 2020-04-27 01:00:42 to 2020-07-26 01:00:42.

Everything else on the status page is green.

I have tried the following:

  1. Rebooting and Re-running the install script- it makes no difference
  2. Installing a certificate from zerossl- I get a “there is a problem with the certificate. error… .pem verification failed” error
  3. Deleting everything from the /home/user-data/ssl folder and re-running the installation script- breaks NGINX during install and I have to restore to my snapshot

I can find my way to the letsencrypt log but have no idea what to copy to show what is going wrong. All the other certificates have renewed fine, its just this one that seems to be stuck.

Emails are still sent and received but any help to try and fix this would be appreciated. Thanks

Try deleting the contents of /home/user-data/ssl

then run sudo /root/mailinabox/setup/ (assuming you installed MiaB as the root user)

then rerun sudo mailinabox

You should not have the nginx issue as the script solves that issue.

Once that has done, try provisioning the cert(s) in the admin area.

Let me know if this works, or not. Somehow I feel that I am missing a step. :frowning:

Hey, thanks for your response.

Re-running sudo mailinabox after the script didnt work, with the following error:
ln: failed to create symbolic link ‘/home/user-data/ssl/ssl_certificate.pem’: File exists

I tried provisioning the certificates anyway and got the following error:

Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags.

web updated

Try running this as root

certbot register --register-unsafely-without-email --agree-tos --config-dir $STORAGE_ROOT/ssl/lets_encrypt

It’s a long shot but since you have your snapshot, you’re the designated guinea pig! :stuck_out_tongue:

This command is the very last thing in the setup script … I have noticed that it for some reason does not always run.