I created a Digital Ocean Droplet following these instructions: Rocket.Chat Hosting | DigitalOcean Marketplace 1-Click App. Now, the SSL certificate is expired.
I normally can run “certbot” and regenerate the SSL on servers web that I manually set up. But this “Marketplace” installation doesn’t have things like that.
Everything is up-to-date, but I can’t run certbot. I even tried running “rocketchatctl configure --lets-encrypt --root-url=https://chat.my_domain.com” (with my_domain being my actual domain) and it didn’t work.
Any help would be appreciated.
Hi, welcome to the forum!
You can force the certs to renew, by
# backing up the existing file
sudo cp /etc/traefik/acme/acme.json /etc/traefik/acme/acme.json.old
/etc/traefik/acme/acme.json and remove the lines/keys starting with Certificate & Key.
sudo systemctl restart traefik
Renewal should’ve been automatic though. Idk why it wasnt. I’ll look into that. And at the same time maybe I’ll also add a rocketchatctl command to make force renewals easier.
I edited the files in Vim and removed the two lines. Now I’m clearly getting a syntax error.
Can you post the file content here please? Removing private data?
The part that is breaking is here:
Here is what it looks like right after I edit and remove the lines you recommend:
Please post the whole file, if uncomfortable you can dm me here as well:)
Remove that comma please under
Ok. I got traefik restarted. Thanks.
I’ve also rebooted the server (just in case) and I’m not sure which command I need to run to regenerate the SSL cert. I just looked at the acme.json file after restarting everything and I don’t see the certificate information, just my private key.
For some reason the server isn’t serving HTTP, only HTTPS. That’s why Let’s Encrypt isn’t reissuing the SSL certificate. I’m not sure why the redirect from HTTP to HTTPS isn’t working.
I figured it out. Don’t block port 80.