Certificat let's encrypt validity -2?

Support
1

Hi Yunohosters,

My YunoHost configuration

Hardware: x64 vps
Internet access: in a datacenter
YunoHost version:
yunohost: 3.2.2
yunohost-admin: 3.2.1
moulinette: 3.2.0
ssowat: 3.2.0
Have you personalized your yunohost with some specifics configurations or do you use only the yunohost cli/webadmin tool ? basic
If personalized, how:

Description of my problem

So I have migrate from debian 8 / yuno V2.7 to debian 9 yuno V3.2
after some problem resolved in other posts.
I didn’t have problem with certificate after migration, but the period of 18 days have been time-out.
The renew have not been done automaticaly.

I tried to do it manually but have some error:

jean@mondomaine:~$ sudo yunohost domain cert-status
certificates:
mondomaine.fr:
CA_type: Let’s Encrypt
summary: CRITICAL
validity: -2
jean@mondomain:~$ sudo yunohost domain cert-renew
Warning: Certificate for domain mondomain.fr does not appear to be correctly installed. Please run cert-install for this domain first.
Info: No certificate needs to be renewed.
jean@mondomain:~$ sudo yunohost domain cert-install
jean@mondomain:~$
#no feedback on the console
jean@mondomain:~$sudo tail -15 /var/log/yunohost/yunohost-cli.log
2018-11-18 17:20:54,591 DEBUG moulinette.actionsmap init - loading actions map namespace ‘yunohost’
2018-11-18 17:20:54,603 DEBUG moulinette.actionsmap init - extra parameter classes loaded: [‘ask’, ‘password’, ‘required’, ‘pattern’]
2018-11-18 17:20:54,603 DEBUG moulinette.interface init - initializing base actions map parser for cli
2018-11-18 17:20:54,604 DEBUG moulinette.interface init - registering new callback action ‘yunohost.utils.packages.ynh_packages_version’ to [’-v’, ‘–version’]
2018-11-18 17:20:54,670 DEBUG moulinette.authenticator.ldap init - initialize authenticator ‘ldap-anonymous’ with: uri=‘ldap://localhost:389’, base_dn=‘dc=yunohost,dc=org’, user_rdn=‘None’
2018-11-18 17:20:54,673 DEBUG moulinette.core acquire - lock has been acquired
2018-11-18 17:20:54,715 DEBUG moulinette.actionsmap process - loading python module yunohost.domain took 0.042s
2018-11-18 17:20:54,715 INFO moulinette.actionsmap process - processing action [17105.1]: yunohost.domain.cert-install with args={‘no_checks’: False, ‘force’: False, ‘domain_list’: [], ‘self_signed’: False, ‘auth’: <moulinette.authenticators.ldap.Authenticator object at 0x7f26b2a1db50>, ‘staging’: False}
2018-11-18 17:20:55,075 DEBUG requests.packages.urllib3.connectionpool _new_conn - Starting new HTTPS connection (1): ip.yunohost.org
2018-11-18 17:20:55,165 DEBUG requests.packages.urllib3.connectionpool _make_request - https://ip.yunohost.org:443 “GET / HTTP/1.1” 200 13
2018-11-18 17:20:55,187 DEBUG requests.packages.urllib3.connectionpool _new_conn - Starting new HTTP connection (1): 51.75.yyy.xxx
2018-11-18 17:20:55,190 DEBUG requests.packages.urllib3.connectionpool _make_request - http://51.75.yyy.xxx:80 “HEAD / HTTP/1.1” 302 0
2018-11-18 17:20:55,190 DEBUG moulinette.actionsmap process - action [17105.1] executed in 0.475s
2018-11-18 17:20:55,191 DEBUG moulinette.core release - lock has been released

I don’t know how to correct
Thank you for any help
Bye

2

Uh okay that’s weird ?

What happens if you run : sudo yunohost domain cert-install your.domain.tld ?

3

Ok that’s help me !! :+1: with --force

$ sudo yunohost domain cert-install mondomaine.fr
Error: The certificate for domain mondomaine.fr is not self-signed. Are you sure you want to replace it? (Use --force)
jean@mondomaine:~$ sudo yunohost domain cert-install mondomaine.fr --force
Info: Now attempting install of certificate for domain mondomaine.fr!
Success! The SSOwat configuration has been generated
Info: Parsing account key…
Info: Parsing CSR…
Info: Registering account…
Info: Registered!
Info: Verifying mondomaine.fr
Info: mondomaine.fr verified!
Info: Signing certificate…
Info: Certificate signed!
Success! Successfully installed Let’s Encrypt certificate for domain mondomaine.fr!

Nice !
Thanx a lot you rocks ! @Aleks :slight_smile:

4