The TLS (SSL) certificate has a problem: The certificate is expiring soon: The certificate expires in 6 days on 12/22/18

Hi,
This is what my control panel says. I looked around and found a recommendation to run on my box:
# mailinabox

Did that but this didn’t change.

I know next to nothing so other things I’ve found I don’t understand. Please help!

My /var/log/letsencrypt/letsencrypt.log I got the impression it might help…

2018-12-16 12:09:33,362:DEBUG:certbot.main:certbot version: 0.26.1
2018-12-16 12:09:33,362:DEBUG:certbot.main:Arguments: ['-q']
2018-12-16 12:09:33,362:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-12-16 12:09:33,371:DEBUG:certbot.log:Root logging level set at 30
2018-12-16 12:09:33,372:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-12-16 12:09:33,373:DEBUG:certbot.renewal:no renewal failures
2018-12-16 12:34:53,267:DEBUG:certbot.main:certbot version: 0.26.1
2018-12-16 12:34:53,268:DEBUG:certbot.main:Arguments: ['--non-interactive', '-d', 'box.eladhen.com,eladhen.com,www.eladhen.com', '--csr', '/tmp/tmp841sic8f', '--cert-path', '/tmp/tmp4pesf24n/cert', '--chain-path', '/tmp/tmp4pesf24n/chain', '--fullchain-path', '/tmp/tmp4pesf24n/cert_and_chain.pem', '--webroot', '--webroot-path', '/home/user-data/ssl/lets_encrypt/webroot', '--config-dir', '/home/user-data/ssl/lets_encrypt']
2018-12-16 12:34:53,268:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-12-16 12:34:53,278:DEBUG:certbot.log:Root logging level set at 20
2018-12-16 12:34:53,279:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-12-16 12:34:53,279:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2018-12-16 12:34:53,280:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7efcf98299b0>
Prep: True
2018-12-16 12:34:53,280:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7efcf98299b0> and installer None
2018-12-16 12:34:53,280:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2018-12-16 12:34:53,281:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/display/ops.py", line 50, in get_email
    force_interactive=True)
  File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 529, in input
    self._interaction_fail(message, cli_flag)
  File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 474, in _interaction_fail
    raise errors.MissingCommandlineFlag(msg)
certbot.errors.MissingCommandlineFlag: Missing command line flag or config entry for this setting:
Enter email address (used for urgent renewal and security notices)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.26.1', 'console_scripts', 'certbot')()
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1364, in main
    return config.func(config, plugins)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1238, in certonly
    le_client = _init_le_client(config, auth, installer)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 641, in _init_le_client
    acc, acme = _determine_account(config)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 517, in _determine_account
    config.email = display_ops.get_email()
  File "/usr/lib/python3/dist-packages/certbot/display/ops.py", line 54, in get_email
    raise errors.MissingCommandlineFlag(msg)
certbot.errors.MissingCommandlineFlag: You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags.

I’m also getting this in my mail:

Provisioning TLS certificates for box.eladhen.com, eladhen.com, www.eladhen.com. error: box.eladhen.com, eladhen.com, www.eladhen.com: Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None You should register before running non-interactively, or provide --agree-tos and --email &lt;email_address&gt; flags.

Which version of MiaB are you running?

The issue is that the Let’s Encrypt ToS was not agreed to. There are a few reasons that may have happened, but it is unimportant at this point.

To solve this issue, I recommend deleting the CONTENTS of the /home/user-data/ssl/ directory then rerun sudo mailinabox. This assumes you are using the current release v 0.29.

I’m sunning v 0.29.

Is there any danger in deleting the contents of /home/user-data/ssl/ ?

No danger at all … it will regenerate. (Which is why I am suggesting to do it.)

To be on the extra safe side, make a backup of that directory first if you like. :slight_smile:

Just be certain that you only delete the CONTENTS - do not delete the directory itself!

Now when I connect to the web interface I get “your connection isn’t secure” error…

Login, go to the SSL page in the admin area … it should ask you to provision a certificate …

Though I do not know why running sudo mailinabox from the command line did not do it.

And thunderbird is giving a similar error…

OK! That did the trick. Thank you. Still don’t know what went wrong or what exactly I just did…

Thank you very much!

You are welcome. No, that did not seem to go as planned, so you may be right back in this same situation in 3 months. If so, we can try to figure out the issue then.

1 Like

Hopefully in three months I’ll migrate this box to a new 18.04 server without too many woes…

Yes, I actually realized that you likely will be upgrading to a new version running on Ubuntu 18.04 before then after I made my comment. :slight_smile: