Service SSL Certificates due to expire
One of our servers is getting email nags about Let's Encrypt service SSL certificates expiring within 30 days. It has not reached the 3 day mark (which is a little down-to-the-wire I might add), but is there a way to force renew these certs early?
I reviewed this post which cPRex advised to try running these commands:
cp -Rf /var/cpanel/hostname_cert_csrs /var/cpanel/hostname_cert_csrs.bak
/bin/rm -rf /var/cpanel/hostname_cert_csrs/*
/usr/local/cpanel/bin/checkallsslcerts
However after trying that I still just get the same output that if these certificates still remain installed 3 days prior then the system will attempt to replace them.
I also tried restarting cpsrvd with:
/usr/local/cpanel/scripts/restartsrv_cpsrvd --restart
And then ran checkallsslcerts again but I still get "If this certificate remains installed 3 days prior the system will attempt to replace it". For the time being I have copied hostname_cert_csrs.bak back to hostname_cert_csrs and restarted cpsrvd again.
Is there is a way to renew these certificates early so we aren't getting warning emails every day?
Thanks in advance!
-
Hey there! If you want to renew them early you can go to WHM >> Manage Service SSL Certificates and click the "Reset certificate" option next to each service. That will create a self-signed certificate on the service and then the system will be able to issue a new, real certificate.
0 -
That worked, just ran
/usr/local/cpanel/bin/checkallsslcerts
after and it's all good now, thanks!
0 -
You're welcome!
0
Please sign in to leave a comment.
Comments
3 comments