Question
Letsencrypt Shows Expired, Renewal Fails, Litespeed Wordpress Droplet
- Posted March 4, 2020
- Ubuntu 18.04
My domain shows an expired cert even though Certbot says renewal is not needed. I tried a dry run renewal and got the following error. I’m not sure what to do. This is on DigitalOcean having used the Litespeed Wordpress Droplet.
Attempting to renew cert (www.thinkliz.com) from /etc/letsencrypt/renewal/www.thinkliz.com.conf produced an unexpected error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.thinkliz.com/fullchain.pem (failure)
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hello, @internetjason
It seems like your SSL Certificate has expired. Could you please post the versions of your installed Certbot packages? In particular python3-acme.
dpkg-query -l | grep certbot
If it is not at 0.31.0-2, perhaps try to forcefully upgrade it:
sudo apt update && apt install --only-upgrade python3-acme
And then try to renew the certificate again and execute the –dry-run as well.
Let me know how it goes.
Regards, Alex
I had a similar, maybe not related, issue recently with our litespeed server. Went in to perform a renewal and it wasn’t needed. However, on my browser it was telling me the connection wasn’t secure and the cert had an older date.
This was resolved when I performed a graceful restart on the litespeed panel. This has happened before. Not sure if there is some kind of cache issue.
I’m not sure what to make of this. When I visit https://check-your-website.server-daten.de/?q=thinkliz.com#ct-logs I get the following:
Info: Problems with 3.048.289 Letsencrypt certificates (378.325 accounts). They must be revoked (revocation starts 2020-03-04 20:00 UTC) - see Revoking certain certificates on March 4.
But there are no instructions on revoking and renewing. I’m lost on what to do or even if my cert is one affected.