Renew SSL Certificate

Kobo On Your Own Server
1

Hello,

I recently installed Kobo on my own server and everything has been working well. However, my installed ssl certificates have just expired. I have generated a new certificate using " certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns -d ‘*.example.com’ -d example.com"
This succeeded and my certificates are now under /etc/letsencrypt/live/[example.com]. I am still unable to access the site using https.
I would like to know where I should place this certificates as the /kobo-docker/secrets folder seems to have been deprecated

2

Hello @derricknyakiba,
Certificates should be renewed automatically, if they don’t it’s an issue.
Have you restarted the container?

1 Like
3

@OlivierL
My certificate expired today, and it hasn’t auto renewed. I tried restarting all the containers but doesn’t work. What should I do at this stage?

@stephanealoo can you help?

4

Hello @ks_1,

Can you look at the cerbot container logs?

1 Like
6

After a lot of trouble, I did it. I reinstalled the certificate manually. Here are the exact steps I followed, for the benefit of anyone else who finds themselves in a similar situation:

  1. Obtain the SSL certificate from LetsEncrypt and store it in the local host.

sudo docker run -it --rm --name certbot -v “/etc/letsencrypt:/etc/letsencrypt” -v “/var/lib/letsencrypt:/var/lib/letsencrypt” certbot/certbot certonly --manual -d yourdomain -d *.yourdomain

  1. Copy generated certificate and key to current folder (optional)

sudo cp /etc/letsencrypt/live/yourdomain/fullchain.pem .
sudo cp /etc/letsencrypt/live/yourdomain/privkey.pem .

  1. Copy the certificate and key into the certbot container (your container name may be different):

sudo docker cp fullchain.pem nginxcertbot_nginx_1:/fullchain.pem
sudo docker cp privkey.pem nginxcertbot_nginx_1:/privkey.pem

  1. SH into the container and place both the files in the correct folders:

sudo docker exec -it nginxcertbot_nginx_1 sh
cp fullchain.pem /etc/letsencrypt/live/yourdomain
cp privkey.pem /etc/letsencrypt/live/yourdomain

  1. Make sure the configuration file at /etc/nginx/conf.d/app.conf points to the correct folders.

  2. Exit and restart the certbot container!

1 Like
7

@ks_1, thank you for sharing these detailed steps :clap:. It should help the community having similar issues.

8

Hello There,

Letsencrypt SSL certificate was expired of my kobotoolx domain.
I just follow the the below steps and issue resolved.

cd /home/mykobo/nginx-certbot

./init-letsencrypt.sh

SSL will be renew and no data loss.

Hope this will be helpfull.

Thanks

1 Like
9

@ks_1 thank you for the detailed instructions, but don’t you have to do all these again after each time the container restarted ?

10

No, the container uses volumes to take the existing certificates.

3 Likes