Letsencrypt Cert Expired on Self Hosted Instance - Unable to Renew


#1

Hi, I accidentally let my bitwarden letsencrypt cert expire and now when I run ./bitwarden.sh start it fails to renew the cert.

Here’s the output –

Note: My domain name has been replaced with mydomain.com

Cert is due for renewal, auto-renewing…
Non-interactive renewal: random delay of 129 seconds
Plugins selected: Authenticator standalone, Installer None
Attempting to renew cert (mydomain.com) from /etc/letsencrypt/renewal/mydomain.com.conf produced an unexpected error: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1c2a6ac690>: Failed to establish a new connection: [Errno -3] Try again',)). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/mydomain.com/fullchain.pem (failure)


All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/mydomain.com/fullchain.pem (failure)


1 renew failure(s), 0 parse failure(s)


#2

I got this figured out…

  1. Ran certbot certonly on the host computer to generate a new ssl cert
  2. Copied the folder containing the cert from /etc/letsencrypt/archive/mydomain.com to /bwdata/ssl/ AND /bwdata/letsencrypt/live/
  3. Rename /bwdata/letsencrypt/renewal/mydomain.com.conf.old to kill the renewal
  4. Run ./bitwarden.sh update
  5. PROFIT

Hope this helps someone else.
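
The renewal output in the first post can be classified before any certificate is replaced by hand. The following is an added example, not code from either poster or from Bitwarden or certbot: it parses certbot console output and separates name-resolution failures from TCP connection failures. The function name `diagnose` and the `EAI` table are chosen here, and the table assumes Linux `getaddrinfo()` codes, where -3 is `EAI_AGAIN`.

```python
import errno
import re

# getaddrinfo() error codes on Linux (same values in glibc and musl <netdb.h>).
EAI = {
    -2: ("EAI_NONAME", "host name does not resolve"),
    -3: ("EAI_AGAIN", "temporary resolver failure; no DNS answer reached certbot"),
    -4: ("EAI_FAIL", "non-recoverable resolver failure"),
}
POOL_RE = re.compile(r"HTTPSConnectionPool\(host=['‘’]([^'‘’]+)['‘’], port=(\d+)\)")
ERRNO_RE = re.compile(r"\[Errno (-?\d+)\]")
FAILED_RE = re.compile(r"^\s*(/\S+\.pem) \(failure\)\s*$", re.M)


def diagnose(log_text):
    """Classify a failed certbot renewal from its console output."""
    out = {"stage": "unknown", "host": None, "port": None, "code": None,
           "name": None, "hint": None,
           "failed": sorted(set(FAILED_RE.findall(log_text)))}
    pool = POOL_RE.search(log_text)
    if not pool or "NewConnectionError" not in log_text:
        return out  # not a connection-setup failure; leave unclassified
    out["host"], out["port"] = pool.group(1), int(pool.group(2))
    code = ERRNO_RE.search(log_text, pool.end())
    if not code:
        out["stage"] = "network"
        return out
    out["code"] = n = int(code.group(1))
    if n < 0:  # on Linux, negative values come from getaddrinfo(): name resolution
        out["stage"] = "dns"
        out["name"], out["hint"] = EAI.get(n, ("EAI_?", "resolver error"))
    else:      # positive values are socket errnos (refused, unreachable, ...)
        out["stage"] = "tcp"
        out["name"] = errno.errorcode.get(n, "E?")
        out["hint"] = "name resolved but the connection was not established"
    return out


# Constructed sample: the message shape from the post, with straight quotes.
SAMPLE = """\
Attempting to renew cert (mydomain.com) from /etc/letsencrypt/renewal/mydomain.com.conf produced an unexpected error: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1c2a6ac690>: Failed to establish a new connection: [Errno -3] Try again',)). Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/mydomain.com/fullchain.pem (failure)
"""

if __name__ == "__main__":
    for key, value in diagnose(SAMPLE).items():
        print(f"{key}: {value}")
```

A `dns` result means the request never reached the ACME server, so the failure is in the resolver available to the process running certbot rather than in the certificate or the challenge.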