Youtube link: https://www.youtube.com/watch?v=BNlb-zt78Ow
Renew SSL
How to Renew SSL FREE of Cost (CERTBOOT)
--Jay Bharat, TL, Tech Mahindra, 9844542127 bharatbaba.com
Step 1
• Relax- for a minute Close your eyes for a Minute and Relax
Step 2
My terminal PWD MAC book pro MAMP
a9844542127@9844542127s-MacBook-Pro letsencrypt % pwd
• /private/etc/letsencrypt
•
Step 3
Official document and Forum
As mentioned here
https://community.letsencrypt.org/t/renew-dry-run-fails-but-renew-force-renewal-succeeds/155942
https://community.letsencrypt.org/t/when-i-can-renew-certification-using-certbot-in-manual-mode/60110/4
https://community.letsencrypt.org/
https://certbot.eff.org/pages/about
•
Step 4
This Below TWO command will not work
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo certbot renew
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo certbot renew --force-renewal
•
Step 5
But this below commands will work GOOD
Use this command to see current status or expiry date info
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo cat /etc/letsencrypt/renewal/bharatbaba.com.conf
•
Step 6
Use this command to renew successfully
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo certbot certonly --manual --preferred-challenges dns -d bharatbaba.com -d
www.bharatbaba.com
•
Step 7
It will say
----------------------------------------
Please deploy a DNS TXT record under the name:
_acme-challenge.bharatbaba.com.
with the following value:
HINGSOME****************METHINGSOMETHING •
----------------------------------------
Press Enter to Continue
•
Step 8
It will say
----------------------------------------
Please deploy a DNS TXT record under the name:
_acme-challenge.bharatbaba.com.
with the following value:
HINGSOME****************METHINGSOMETHING •
----------------------------------------
Press Enter to Continue
•
Step 9
Hit enter
----------------------------------------
Please deploy a DNS TXT record under the name: •
_acme-challenge.www.bharatbaba.com. •
with the following value: •
HSOME KEY ******* *******I
•
Step 10
Hit enter
----------------------------------------
Please deploy a DNS TXT record under the name: •
_acme-challenge.www.bharatbaba.com. •
with the following value: •
HSOME KEY ******* *******I
•
Step 11
Check certificates files are created and downloaded?
• a9844542127@9844542127s-MacBook-Pro letsencrypt % bash
• bash-3.2$ sudo ls -l /etc/letsencrypt/live/bharatbaba.com/ •
Step 12
Check certificates files are created and downloaded?
bash-3.2$ sudo ls -l /etc/letsencrypt/live/bharatbaba.com/
total 8
-rw-r--r-- 1 root wheel 692 Dec 11 00:50 README
lrwxr-xr-x 1 root wheel
lrwxr-xr-x 1 root wheel
lrwxr-xr-x 1 root wheel
lrwxr-xr-x 1 root wheel
bash-3.2$ exit
exit
•
38 Mar 14 23:43 cert.pem -> ../../archive/bharatbaba.com/cert2.pem
39 Mar 14 23:43 chain.pem -> ../../archive/bharatbaba.com/chain2.pem
43 Mar 14 23:43 fullchain.pem -> ../../archive/bharatbaba.com/fullchain2.pem 41 Mar 14 23:43 privkey.pem -> ../../archive/bharatbaba.com/privkey2.pem
Step 13
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo cp /etc/letsencrypt/live/bharatbaba.com/cert.pem /Applications/MAMP/htdocs/bharatbaba-docs/ssl/renew1/cert.pem
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo cp /etc/letsencrypt/live/bharatbaba.com/chain.pem /Applications/MAMP/htdocs/bharatbaba-docs/ssl/renew1/chain.pem
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo cp /etc/letsencrypt/live/bharatbaba.com/fullchain.pem /Applications/MAMP/htdocs/bharatbaba- docs/ssl/renew1/fullchain.pem
a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo cp /etc/letsencrypt/live/bharatbaba.com/privkey.pem /Applications/MAMP/htdocs/bharatbaba- docs/ssl/renew1/privkey.pem
Above command to use copy password in any folder for safety
Step 14
Below command is use for- in my case I am moving certificate from one laptop to server laptop
• a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo tar -cvf ~/ssl_backup.tar -C /Applications/MAMP/htdocs/bharatbaba-docs/ssl/renew1 cert.pem chain.pem fullchain.pem privkey.pem
•
Step 15
This tar will save on root user
• a9844542127@9844542127s-MacBook-Pro letsencrypt % sudo tar -cvf ~/ssl_backup.tar -C /Applications/MAMP/htdocs/bharatbaba-docs/ssl/renew1 cert.pem chain.pem fullchain.pem privkey.pem
•
Step 16
Now you can send tar file into another laptop in my case Mac Book Pro I am sending via Pendrive or Anydisk
• Save in Desktop or any location
Step 17
• Save in Desktop or any location in the new MacBook Pro where you have server
•
Step 18
admins-MacBook-Pro:~ admin$ sudo tar -xvf /Desktop/ssl/renew1/ssl_backup.tar -C /Desktop /ssl/renew1/
Password:
x cert.pem
x chain.pem
x fullchain.pem
x privkey.pem
admins-MacBook-Pro:~ admin$
[Restored 15-Mar-2025 at 1:54:23 AM]
Last login: Sat Mar 15 01:54:16 on console
You have new mail.
admins-MacBook-Pro:~ admin$
Unzipping in new machine
Step 19
•
Now copy the 4 files and paste as below
Step 20
Restart server now work done, be happy.
https://www.bharatbaba.com/
•
Final screenshot is above
Step 19
Restart server now work done, be happy.
https://www.bharatbaba.com/
•
Page views:113201