Ssl cert from Let's Encrypt is renewing but not updating the actual files in the home dir

Virtualmin
1
SYSTEM INFORMATION
OS type and version Ubuntu Linux 22.04.4
Webmin version 2.111
Virtualmin version 7.10.0 Pro
Related packages

The request for a new/update cert from Let’s Encrypt completes successfully and shows as having an expiry date in the future but on the “Current Certificate” page it says the currently used cert expired 44 days ago. The actual file ssl.cert and ssl.key are not being updated.

2

Is it updated in say the web browser of the website (not virtuamin)?
If it is, maybe clear cache of virtualmin theme.

3

No. The site in question shows as lacking https when visited.

4

No. The files in the home dir are not being updated.

5

Do the locations and other domain and services look ok?

image
image1416×701 103 KB

6

Yes. Only one domain has this problem. ALL of the rest work correctly.

7

Only thing I can think is to request a new certificate.

8

To quote the original statement…

9

Hmm… I think the default is to not store them in the home directory so users can’t f them up. You are saying the time stamps on the file don’t change?
image

10

That is correct. The files are not being updated even though the certificate request was successful.

I believe storing certs and keys in the home directory is provided as an option in Virtualmin.

11

Screenshot from 2024-04-24 08-49-51
Screenshot from 2024-04-24 08-49-51848×410 69.1 KB

Screenshot from 2024-04-24 08-51-13

12

Check the timestamp on the cert in /etc/letsencrypt/live/domain.tld

13

Screenshot from 2024-04-24 08-53-20
Screenshot from 2024-04-24 08-53-20925×436 71.5 KB

14

Screenshot from 2024-04-24 08-55-33
Screenshot from 2024-04-24 08-55-33888×158 27.2 KB

15

Since auto-renew isn’t checked, are you trying to renew or get a new one? Both?

16

I did manually request a renewed cert and what is visible in the screen shot is that it was successful. The “Last successful renewal” date is yesterday but the files are not being updated.

17

Try requesting a new. I wonder if a ‘gap’ in the archive is causing the problem.

18

I have requested new certs many times over the past 40+ days. It is always successful but the file is never updated.

19

That is correct however I always store the files in the users home rather than the default, as I can find them rather than having to decode the domain id. That said i changed this as soon as that default was made and have no problems since maybe there is some alteration in the code that prevents this happening on fresh domains or domains created after a certain version of virtualmin … just a thought

20

If it can’t write it should show something here?
/var/log/letsencrypt/letsencrypt.log

EDIT: Found this in the log:
Your key file has been saved at:
/etc/letsencrypt/live.xxxtions.org/privkey.pem