Expired SSL certificate at deb.odroid.in

Post Reply
gyth
Posts: 11
Joined: Mon May 20, 2019 10:08 pm
languages_spoken: English
ODROIDs: N2
Has thanked: 3 times
Been thanked: 1 time
Contact:

Expired SSL certificate at deb.odroid.in

Unread post by gyth » Thu May 30, 2019 6:14 am

I'm trying to use https on all of my repos and found the Let's Encrypt certificate on this domain has expired. Please renew it to make https usable again.

User avatar
odroid
Site Admin
Posts: 32508
Joined: Fri Feb 22, 2013 11:14 pm
languages_spoken: English
ODROIDs: ODROID
Has thanked: 181 times
Been thanked: 349 times
Contact:

Re: Expired SSL certificate at deb.odroid.in

Unread post by odroid » Thu May 30, 2019 9:32 am

Thank you for letting us know the issue.
We will check it.

User avatar
mad_ady
Posts: 6782
Joined: Wed Jul 15, 2015 5:00 pm
languages_spoken: english
ODROIDs: XU4, C1+, C2, N1, H2, N2
Location: Bucharest, Romania
Has thanked: 215 times
Been thanked: 164 times
Contact:

Re: Expired SSL certificate at deb.odroid.in

Unread post by mad_ady » Thu May 30, 2019 1:29 pm

@odroid: you should setup certwatch to periodically check and notify your team about impending expiration dates: https://www.systutorials.com/docs/linux ... certwatch/

User avatar
odroid
Site Admin
Posts: 32508
Joined: Fri Feb 22, 2013 11:14 pm
languages_spoken: English
ODROIDs: ODROID
Has thanked: 181 times
Been thanked: 349 times
Contact:

Re: Expired SSL certificate at deb.odroid.in

Unread post by odroid » Thu May 30, 2019 1:35 pm

In fact, the auto renewal actually worked but we've had to restart the webserver for the new certificate takes effect.
Anyway, it seems to be fixed now.
https://deb.odroid.in/
These users thanked the author odroid for the post:
gyth (Tue Jun 04, 2019 9:13 am)

elatllat
Posts: 1573
Joined: Tue Sep 01, 2015 8:54 am
languages_spoken: english
ODROIDs: XU4, N1, N2
Has thanked: 24 times
Been thanked: 64 times
Contact:

Re: Expired SSL certificate at deb.odroid.in

Unread post by elatllat » Mon Jun 03, 2019 3:53 am

One only needs reload, not restart. Also you can have the server email you only if the cert is not updated by checking the date on the current cert. Something like

Code: Select all

#!/bin/bash

#
# letsencrypt.sh
#

function doit {
	D="$2"
	/opt/certbot-auto certonly -q --webroot -w /var/www/html/"$D" -d "$D" --no-redirect 2>&1 | \
		grep -v DeprecationWarning
	/sbin/service httpd reload > /dev/null
	DC=$(/usr/bin/openssl x509 -text -in /etc/letsencrypt/live/"$D"/cert.pem | \
		grep "Not After" | \
		perl -pe 's/ *Not After : *//g')
	DS=$(date -d"$DC" +%s)
	D2=$(date +%s)
	D2=$(echo "$D2+(30*24*60*60)" | bc)
	if [ "$DS" -lt "$D2" ] ; then
		echo "Please run /opt/certbot-auto manualy for $D before $DC" >&2
	fi
}
doit deb.odroid.in

gyth
Posts: 11
Joined: Mon May 20, 2019 10:08 pm
languages_spoken: English
ODROIDs: N2
Has thanked: 3 times
Been thanked: 1 time
Contact:

Re: Expired SSL certificate at deb.odroid.in

Unread post by gyth » Mon Aug 12, 2019 11:57 pm

The certificate has expired once again, please set up some kind of auto-renewal thing with either certbot or acme.sh.

User avatar
odroid
Site Admin
Posts: 32508
Joined: Fri Feb 22, 2013 11:14 pm
languages_spoken: English
ODROIDs: ODROID
Has thanked: 181 times
Been thanked: 349 times
Contact:

Re: Expired SSL certificate at deb.odroid.in

Unread post by odroid » Tue Aug 13, 2019 9:18 am

These users thanked the author odroid for the post:
gyth (Thu Aug 15, 2019 1:40 pm)

Post Reply

Return to “Ubuntu”

Who is online

Users browsing this forum: No registered users and 1 guest