Closed hankache closed 6 years ago
Looks like something happened in the past ~24hr that broke the cert 'cause the site worked for me fine around that time...
Thanks to moritz++ the issue is now fixed.
Ok, let me try to describe what happened:
/root/letsencrypt/more-certs.sh
) that is supposed to renew the certs. It didn't give any errors/etc/letsencrypt/live/www.perl6.org/
, while Apache used /etc/letsencrypt/live/design.p6c.org/
as the directory for its *.pem filesperl -i -pE 's{live/design.p6c.org/}{live/www.perl6.org}g' *
in /etc/apache2/sites-enabled/
to address this issueBut it turns out that the cron job uses a hardcoded list of domains, and is a bit outdated, so it didn't include rakudo.org and its subdomain(s).
Later, @zoffixznet noticed that rakudo.org didn't have a valid cert, and tried to fix it. This was complicated by the fact that the the perl -i ...
script replaced the symlinks in /etc/sites-enabled
to modified copies of the files, so editing the files in /etc/sites-avaiable
didn't have any effect.
By the time I read Zoffix's messages on the topic, and realized the symlink problem, we had already run into a rate limit from let's encrypt, and we couldn't obtain new certs anymore.
For the moment, I've re-instated the old certs, so we still have to get new certs in the next ~6 days.