Question

How to Renew SSL Ubuntu OpenLiteSpeed Wordpress

I installed Ubuntu OpenLiteSpeed Wordpress and by default SSL is installed at that time.

Now the problem is it is expired and now I am trying to renew but not able to renew.

I used this command certbot renew

After that I got the error listed below. Please help

Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/www.feedknock.com.conf


Cert is due for renewal, auto-renewing… Plugins selected: Authenticator webroot, Installer None Renewing an existing certificate Performing the following challenges: http-01 challenge for feedknock.com http-01 challenge for www.feedknock.com Cleaning up challenges Attempting to renew cert (www.feedknock.com) from /etc/letsencrypt/renewal/www.feedknock.com.conf produced an unexpected error: Missing command line flag or config entry for this setting: Select the webroot for www.feedknock.com: Choices: [‘Enter a new webroot’, ‘/var/www/html’]

(You can set this with the --webroot-path flag). Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/www.feedknock.com/fullchain.pem (failure)


All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/www.feedknock.com/fullchain.pem (failure)


1 renew failure(s), 0 parse failure(s)


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

It shows that certificate already got renewed or at least not expired yet from the dry run output result. What I may guess is openlitespeed web server restart hook did not work or not exist on the cronjob.

Please check if lsws restart hook set in the cron by command:

cat /etc/cron.d/certbot

We expect to see something like:

0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew  --deploy-hook "/usr/local/lsws/bin/lswsctrl restart"

Best, Eric

Thank you so much.

I was able to figure out the path that I needed to enter and that did the trick! Its just that I am a novice and I do not know the syntax so the simplest things are difficult, but thankfully, with the help of folks like you I was able to figure it out! Thanks again!

Alex

Hi @feedknock,

It seems like you didn’t specify the directory root path thus the renew failing.

As for your second error

There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains: feedknock.com,www.fee dknock.com: see https://letsencrypt.org/docs/rate-limits/

It seems you have been rate limited. Let’s Encrypt have a limit on how many requests per 24 hours from one IP and for one domain can come. There is nothing you can do in this case, you’ll just need to wait until tomorrow to try again.

Regards, KDSys