Trouble renewing ssl certificate via certbot on AWS Lightsail

cortenils · April 29, 2022, 10:30am

Keywords: General - AWS - Technical issue - Secure Connections (SSL/HTTPS)

bndiagnostic ID: 201f99c7-c02f-32b8-7a8f-414239b4b3b7

bndiagnostic output:

? Apache: Found possible issues
? Resources: Found possible issues
https://docs.bitnami.com/general/apps/wordpress/troubleshooting/debug-errors-apache/

bndiagnostic failure reason: The suggested guides are not related with my issue

Description:
I renewed the Let’s Encrypt certificate by following AWS Lightsail tutorial, and I got the CertBot message that the renewing succeeded

I moved the existing certificate files as instructed, then ran the following commands :

sudo ln -s /etc/letsencrypt/live/$DOMAIN/privkey.pem /opt/bitnami/apache2/conf/server.key
sudo ln -s /etc/letsencrypt/live/$DOMAIN/fullchain.pem /opt/bitnami/apache2/conf/server.crt

I restarted Apache but like before, the certificate still shows up as expired. I have verified that the bitnami-ssl.conf file located at /opt/bitnami/apache2/conf/bitnami/bitnami-ssl.conf has the following lines:
SSLCertificateFile “/opt/bitnami/apache2/conf/server.crt”
SSLCertificateKeyFile “/opt/bitnami/apache2/conf/server.key”

Any help would be very much appreciated.

jota · May 3, 2022, 7:22am

Hi @cortenils ,

We do not maintain the guide you are referring to and do not know what’s wrong with it. However, I can see the symlinks you created are wrong, $DOMAIN is not being replaced correctly

apache/conf:
total 348
drwxrwxr-x  6 bitnami root   4096 Apr 29 09:41 .
drwxr-xr-x 17 root    root   4096 Oct 21  2021 ..
drwxrwxr-x  4 bitnami root   4096 Apr 29 10:00 bitnami
-rw-rw-r--  1 bitnami root    263 Nov 10 20:14 deflate.conf
drwxrwxr-x  2 bitnami root   4096 Oct  7  2021 extra
-rw-rw-r--  1 bitnami root  19612 Nov 10 20:38 httpd.conf
-rw-rw-r--  1 bitnami root  13064 Oct  7  2021 magic
-rw-rw-r--  1 bitnami root  60847 Oct  7  2021 mime.types
-rw-rw-r--  1 bitnami root  10530 Oct  7  2021 modsecurity.conf
drwxrwxr-x  3 bitnami root   4096 Oct  7  2021 original
-rw-rw-r--  1 bitnami root  17333 Oct  7  2021 pagespeed.conf
-rw-rw-r--  1 bitnami root 141034 Oct  7  2021 pagespeed_libraries.conf
lrwxrwxrwx  1 root    root     36 Apr 29 09:41 server.crt -> /etc/letsencrypt/live//fullchain.pem
lrwxrwxrwx  1 root    root     34 Apr 29 09:41 server.key -> /etc/letsencrypt/live//privkey.pem
-rw-rw-r--  1 bitnami root  53146 Oct  7  2021 unicode.mapping
drwxrwxr-x  3 bitnami root   4096 Nov 10 20:38 vhosts

Please ensure $DOMAIN has the correct value or replace $DOMAIN with your domain when running the command. You can verify the symlink was created correctly by running this command.

ls -la  /opt/bitnami/apache2/conf/server.key

Remember to restart Apache after that. If you continue running into issues after following the guide, please contact the Lightsail team.

You can always follow our guide to generate a valid SSL cert

https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/#alternative-approach

cortenils · May 3, 2022, 4:01pm

thank you so much for sharing your guide.

system · May 17, 2022, 4:02pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.