Auto-generate Lets Encrypt SSL Tool

Keywords: WordPress Multisite - Google Cloud Platform - Technical issue - Secure Connections (SSL/HTTPS)

bnsupport ID: ad2af06e-30b0-20f8-a481-584d286fbec2

bndiagnostic output:

? Apache: Found possible issues
? Resources: Found possible issues
https://docs.bitnami.com/general/apps/wordpress/administration/use-pagespeed/#disable-pagespeed
https://docs.bitnami.com/general/apps/wordpress/troubleshooting/debug-errors-apache/
https://docs.bitnami.com/bch/apps/moodle/troubleshooting/deny-connections-bots-apache/
https://docs.bitnami.com/installer/faq/linux-faq/administration/increase-memory-linux/

bndiagnostic failure reason: The suggested guides are not related with my issue

Description:
I have had a WP multisite instance running for some time now and host a couple of sites for friends. All has been running smoothly until one friend set up a new site on a new IP and created a new SSL without letting me know. The autorenewal failed, and now I have an expired certificate which I cannot renew through the tool. Revoking fails as the certificate has expired and if I do not revoke it fails as the list of domains is different or the IP of the migrated site is incorrect. I now have no idea how to resolve this, can anyone help?

Hi @talintyre,

To revoke the certificates, you need to use the same email/domain you used to generate the certificates.

https://docs.bitnami.com/aws/how-to/understand-bncert/#manually-revoking-an-existing-certificate

However, if the certificate is expired, you can’t revoke it, you will just need to create a new one. Can you generate a new certificate that includes the old domains and the new one in a single file? Does the tool allow you do so? Please note that our tool uses the Lego client to generate the certificates, so every error message you get is generated by that other tool.

You will get more information about how to proceed in the Let’s Encrypt forums. Did you ask there?

https://community.letsencrypt.org/

Thanks

@jota thanks for the follow up, and explaining the tool a bit more. You have highlighted precisely the issue, the existing certificate cannot be revoked as it has expired, and a new certificate cannot be generated as the domain list is different. The only thing I can think of is that I get the domain pointing back to my IP then renew the original, and finally revoke it by setting up a new domain list.

Hi @talintyre,

yes, that is probably the solution, but please ask in the Let’s Encrypt community forum to get more information about other paths to follow

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.