SSL Certificates Expired

My YunoHost server

Hardware: Raspberry Pi 4 at home
YunoHost version: 4.0.8
I have access to my server : Through SSH (not anymore) | through the webadmin | direct access via keyboard / screen | …
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

Hello, thanks for this amazing project.

Just today I found myself locked out because it looks like my SSL certificates have expired, can’t access using Firefox web browser, had to use Chromium to access the admin web portal.

I haven’t been able to troubleshoot myself, I’ve tried the solution listed here but renewing or installing a Let’s Encrypt certificate (after reverting to self-signed) fails, see log here

According to the log there seems to be a problem with the IP, but according to whats my IP it looks like the global IP is correct.

I would really appreciate some pointers or help!!

Do you happen to have an app installed at the root of your domain ? (Or maybe set as default app?)

Hi thanks for the quick reply!

I guess I should elaborate more, I am using 2 domains: a one and a .xyz (the .xyz domain has the same issue):

On the domain I have some apps installed but not at the root, root redirects you to

The .xyz domain has my wordpress blog installed at the root

Annnnd would you happen to have the “multi-site” option enabled maybe ? (On the wordpress?)

Anyway … not sure why this really happens and that’s a bit annoying to see this bug happening again because we thought it would be fixed … but naively I would try something like :

mv /etc/nginx/conf.d/yourdomain.tld.d/wordpress.conf{,.bkp}
nginx -t && systemctl reload nginx

… then retry to renew the certificate …

then restablish the wordpress conf with :

mv /etc/nginx/conf.d/yourdomain.tld.d/wordpress.conf{.bkp,}
nginx -t && systemctl reload nginx

(of course don’t forget to replace ‘yourdomain.tld’ by your actual domain name)

As far as I know no “multi-site” option is enabled. since this is on would it affect all the stuff on ?

Hmmnah i don’t think so … not 100% sure what this option is about exactly but that’s something like being able to have multiple site on a single blog but it’s not cross-domain … (not really sure about what i’m saying)

just tried your suggestion on the wordpress blog, no changes, here’s the log

Also I noticed that this didn’t make it into the log:

Could not sign the new certificate

Traceback (most recent call last):
File “/usr/lib/moulinette/yunohost/”, line 388, in certificate_renew
_fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks)
File “/usr/lib/moulinette/yunohost/”, line 535, in _fetch_and_enable_new_certificate
raise YunohostError(‘certmanager_cert_signing_failed’)
YunohostError: Could not sign the new certificate

eeeeh so the first log you mentionned was about maindomain.tld but now it’s about domain2.tld (or viversa) ? Sooo uuuuh

First log is about domain 1 (, then as you suggested the worpress fix, I applied it to domain 2 ( So yes, 2 logs.

Domain 2 still has an active SSL certificate, which expires in 9 days.
Since I will have domain 1’s problem on domain 2 in 9 days I also tried to manually renew its SSL certificate, which yields a very similar result to trying to do the same on domain 1

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.