Renewing (an expired?) Let’s Encrypt SSL certificate with Easy Engine

The routine is expected to be as follows:

ee site update re-wp.com --letsencrypt=off
ee site update re-wp.com --letsencrypt=on
ee site update re-wp.com --letsencrypt=renew

Right? Well, yes, if your environment is up-to-date.  Result of the last command should be like:

Renewing SSl cert for https://re-wp.com
Reload : nginx [OK]
SUCCESS: Certificate was successfully renewed For https://re-wp.com
Your cert will expire within 89 days.
Expiration DATE: Tue Sep 12 08:23:00 UTC 2017

You might come up to this problem, though:

Renewing SSl cert for https://re-wp.com
ERROR : Cannot RENEW SSL cert !
Your current cert already EXPIRED !
Check logs for reason `tail /var/log/ee/ee.log` & Try Again!!!

Let’s have a look at the logs then! Do you find there a line, stating like setuptools pkg_resources pip wheel failed with error code 1 ?

If so, then here is what you have to try:

  1. Check if this solved the issues. Some people were happy to find it as a sole solution of the problem:
    apt-get install letsencrypt
  2. If that didn’t help, maybe this:
    export LC_ALL="en_US.UTF-8"
    export LC_CTYPE="en_US.UTF-8"
  3. Here comes the long shot (which helped me personally):
    apt-get install python-pip
    
    pip install setuptools
    
    export LC_ALL="en_US.UTF-8"
    
    export LC_CTYPE="en_US.UTF-8"
    
    pip install setuptools
    
    pip install --upgrade setuptools

Running the command for renewing the certificate should work just fine this time.


Comments

2 responses to “Renewing (an expired?) Let’s Encrypt SSL certificate with Easy Engine”

  1. Jorge Santos Avatar
    Jorge Santos

    Sorry Vladdimir,
    for me don’t work, happens when upgrade to ee v3.8

    Renewing SSl cert for https:/example.com
    ERROR : Cannot RENEW SSL cert !
    Your current cert will expire within 18 days.
    Connection unexpectedly closed

    1. Vladimir Vassilev Avatar
      Vladimir Vassilev

      Hey, Jorge,
      This problem is not related to the certificate being expired but rather a server (or EasyEngine) misconfiguration. I found a possible solution for you here: https://community.easyengine.io/t/lets-encyrpt-auto-renewal-keeps-failing/9060/9

      To summarize, you should check whether your www. subdomain is pointing at the same IP address and you should try running LetsEncrypt directly, instead of through EasyEngine. Hopefully this will fix it for you.

Leave a Reply

Your email address will not be published. Required fields are marked *