Situation: 2019-0417: I run my own webserver and my SSL/TLS encryption certificates expired.
Background: I like to use certbot to create and manage my SSL/TLS certificates and the certificates expire every 90 days. Certbot is an easy-to-use automatic client that fetches and deploys SSL/TLS certificates for your web server. https://certbot.eff.org/about/
My server is running:
Linux server 4.17.0-1-amd64 #1 SMP Debian 4.17.8-1 (2018-07-20) x86_64 GNU/Linux
Distributor ID: Debian
Description: Debian GNU/Linux testing (buster)
Release: testing
Codename: buster
Assessment: I will outline the steps I took for renewing my certificate.
Implementation: All commands are run in a terminal.
1. stop the apache web server
systemctl stop apache2
2. View the certificates installed and see their expiration date
certbot certificates
3. certbot command to renew certificate
certbot certonly --cert-name [name-of-your-certificate-here] --force-renewal
You get the following output
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin (apache)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
my selection:
choose option 2 "Spin up a temporary webserver (standalone)"
3. restart apache2
systemctl start apache2
4. View certificate and check new date
certbot certificates
5. Check certificate at ssl labs
https://www.ssllabs.com/ssltest
Finished 2019-0417