{"id":2478,"date":"2022-08-31T19:56:08","date_gmt":"2022-08-31T23:56:08","guid":{"rendered":"https:\/\/matthannan.net\/blog\/?p=2478"},"modified":"2022-08-31T20:26:37","modified_gmt":"2022-09-01T00:26:37","slug":"more-lets-encrypt-v3-part-b-subparagraph-g","status":"publish","type":"post","link":"https:\/\/matthannan.net\/blog\/more-lets-encrypt-v3-part-b-subparagraph-g\/","title":{"rendered":"More Let’s Encrypt V3, Part B, Subparagraph G"},"content":{"rendered":"\n

Well, it has been three months since I last<\/a> had to wrestle with Let’s Encrypt certs.<\/p>\n\n\n\n

As expected, they did not auto-renew.<\/p>\n\n\n\n

I issued the commands found in the previous post on this topic and noticed something.<\/p>\n\n\n\n

[name@server ~]$ .acme.sh\/acme.sh --issue --server letsencrypt -d www.nycnyne.net -d nycnyne.net -w \/home\/name\/public_html\/nycnyne.net\/\n[Wed Aug 31 19:12:42 EDT 2022] Domains not changed.\n[Wed Aug 31 19:12:42 EDT 2022] Skip, Next renewal time is: 2022-09-29T04:31:03Z\n[Wed Aug 31 19:12:42 EDT 2022] Add '--force' to force to renew.\n\n[name@server ~]$ .acme.sh\/acme.sh --issue --server letsencrypt -d www.matthannan.net -d matthannan.net -w \/home\/name\/public_html\/\n[Wed Aug 31 19:13:05 EDT 2022] Domains not changed.\n[Wed Aug 31 19:13:05 EDT 2022] Skip, Next renewal time is: 2022-09-29T04:30:51Z\n[Wed Aug 31 19:13:05 EDT 2022] Add '--force' to force to renew.<\/code><\/pre>\n\n\n\n
 What’s that –force business? And what do you mean “Skip”?<\/p>\n\n\n\n
So I issued the commands again, but this time with the –force switch. This did the business. <\/p>\n\n\n\n
[name@server ~]$ .acme.sh\/acme.sh --issue --force --server letsencrypt -d www.nycnyne.net -d nycnyne.net -w \/home\/name\/public_html\/nycnyne.net\/\n[Wed Aug 31 19:30:23 EDT 2022] Using CA: https:\/\/acme-v02.api.letsencrypt.org\/directory\n[Wed Aug 31 19:30:23 EDT 2022] Multi domain='DNS:www.nycnyne.net,DNS:nycnyne.net'\n[Wed Aug 31 19:30:23 EDT 2022] Getting domain auth token for each domain\n[Wed Aug 31 19:30:25 EDT 2022] Getting webroot for domain='www.nycnyne.net'\n[Wed Aug 31 19:30:25 EDT 2022] Getting webroot for domain='nycnyne.net'\n[Wed Aug 31 19:30:25 EDT 2022] Verifying: www.nycnyne.net\n[Wed Aug 31 19:30:25 EDT 2022] Pending, The CA is processing your order, please just wait. (1\/30)\n[Wed Aug 31 19:30:29 EDT 2022] Success\n[Wed Aug 31 19:30:29 EDT 2022] Verifying: nycnyne.net\n[Wed Aug 31 19:30:29 EDT 2022] Pending, The CA is processing your order, please just wait. (1\/30)\n[Wed Aug 31 19:30:32 EDT 2022] Success\n[Wed Aug 31 19:30:32 EDT 2022] Verify finished, start to sign.\n[Wed Aug 31 19:30:32 EDT 2022] Lets finalize the order.\n[Wed Aug 31 19:30:32 EDT 2022] Le_OrderFinalize='https:\/\/acme-v02.api.letsencrypt.org\/acme\/finalize\/numbers'\n[Wed Aug 31 19:30:34 EDT 2022] Downloading cert.\n[Wed Aug 31 19:30:34 EDT 2022] Le_LinkCert='https:\/\/acme-v02.api.letsencrypt.org\/acme\/cert\/more numbers'\n[Wed Aug 31 19:30:34 EDT 2022] Cert success.<\/code><\/pre>\n\n\n\n
I then used cat to show the cert and key and copied those into the TLS\/SSL page in cPanel.<\/p>\n\n\n\n
A few minutes later, and a hard refresh, I had a lock icon showing again. I am not convinced that the cron job is doing what is expected of it.<\/p>\n","protected":false},"excerpt":{"rendered":"
Well, it has been three months since I last had to wrestle with Let’s Encrypt certs. As expected, they did not auto-renew. I issued the commands found in the previous post on this topic and noticed something. What’s that –force … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[5],"tags":[648,616,368,201,649,404,650],"class_list":["post-2478","post","type-post","status-publish","format-standard","hentry","category-geek","tag-acme","tag-certificates","tag-lets-encrypt","tag-namecheap","tag-never-works-as-advertised","tag-royal-pita","tag-use-the-force"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p2NxlE-DY","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":2377,"url":"https:\/\/matthannan.net\/blog\/lets-encrypt-v3\/","url_meta":{"origin":2478,"position":0},"title":"Let’s Encrypt V3","author":"matthannan","date":"1 June 2022","format":false,"excerpt":"The Acme script that I use, like many people out there, to keep my Let's Encrypt TLS\/SSL certificate updated has recently had a breaking change of an upgrade. Namecheap, my hosting provider, is using an older version of OpenSSL. While this does not sound awesome, it is the upgrade from\u2026","rel":"","context":"In "Geek"","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1605,"url":"https:\/\/matthannan.net\/blog\/lets-encrypt-again\/","url_meta":{"origin":2478,"position":1},"title":"Let’s Encrypt, again","author":"matthannan","date":"18 August 2019","format":false,"excerpt":"This has become buried at nycnyne.net, so I wanted to get this added here. Three more months and I am playing with Let's Encrypt at Namecheap again. I can get nycnyne.net working again with this one-liner and a copy\/paste the key to the cPanel. acme.sh --issue -d nycnyne.net -d www.nycnyne.net\u2026","rel":"","context":"In "Geek"","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1257,"url":"https:\/\/matthannan.net\/blog\/ssl-with-lets-encrypt-on-namecheap\/","url_meta":{"origin":2478,"position":2},"title":"SSL with Let’s Encrypt on Namecheap","author":"matthannan","date":"24 November 2017","format":false,"excerpt":"My hosting provider does not fully support Let's Encrypt for free SSL certificates. This site shows how to set it up manually. (edit) It worked! I have two domains on my host: matthannan.net and nycnyne.net, which is my forum site for my old friends now scattered. I enabled the 1-year-free\u2026","rel":"","context":"In "Geek"","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"secure lock","src":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2017\/11\/secure.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1683,"url":"https:\/\/matthannan.net\/blog\/lets-encrypt-again-part-3\/","url_meta":{"origin":2478,"position":3},"title":"Let’s Encrypt, again, Part 3","author":"matthannan","date":"20 November 2019","format":false,"excerpt":"Another 3 months has past and I needed to renew my certs. The previous method for taking care of NycNyne is still a relatively simple one liner, but matthannan.net continues to be a nightmare. Well, a hassle, anyway. I went with the links in the Part 2 of this series\u2026","rel":"","context":"In "Geek"","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1608,"url":"https:\/\/matthannan.net\/blog\/lets-encrypt-again-part-2\/","url_meta":{"origin":2478,"position":4},"title":"Let’s Encrypt, again, Part 2","author":"matthannan","date":"18 August 2019","format":false,"excerpt":"This site gave me a good starting point. I ran the commands in my WLS Debian instance and then uploaded the keys via cPanel copy & paste, per this site starting at Step 9. I am a little concerned about this, as matthannan.net is, basically, what everything runs off of,\u2026","rel":"","context":"In "Geek"","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2019\/08\/LE_mhnet.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2259,"url":"https:\/\/matthannan.net\/blog\/synology-nas-vpn-server\/","url_meta":{"origin":2478,"position":5},"title":"Synology NAS VPN Server","author":"matthannan","date":"9 May 2021","format":false,"excerpt":"It has been a long while since I wrote about VPN servers. This is because of the change of job, and then working from home for over a year because of COVID-19. But I have kept playing with the technology over the years. The old SoftEther VPN is long gone.\u2026","rel":"","context":"In "Geek"","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts\/2478","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/comments?post=2478"}],"version-history":[{"count":1,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts\/2478\/revisions"}],"predecessor-version":[{"id":2503,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts\/2478\/revisions\/2503"}],"wp:attachment":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/media?parent=2478"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/categories?post=2478"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/tags?post=2478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}