Subscribe
By Eric in configuration

Fun with certs

Expired cert failed to renew.

The cert on this blog expired earlier this year. Ghost uses acme.sh to renew certificates which runs on a cronjob. Ran into a weird issue where the script wouldn't renew the expired cert:

[Thu Oct 28 00:23:01 UTC 2021] Le_API
[Thu Oct 28 00:23:01 UTC 2021] Skip invalid cert for: blog.ericbrock.net
[Thu Oct 28 00:23:01 UTC 2021] Return code: 2
[Thu Oct 28 00:23:01 UTC 2021] Skipped blog.ericbrock.net

Fix steps:

  1. Move net-ssl.conf file to a safe place.
  2. Run ghost setup ssl again.
  3. Move net-ssl.conf back.
  4. Run nginx -s reload.

Might be related: https://github.com/acmesh-official/acme.sh/issues/2217

Subscribe to Eric Brock

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe