Hi have a system running Wordpress on EE 3.
Some time ago (perhaps a year ago) I installed LetsEncrypt ssl on there, using instructions provided on EE documentation / forums.
In last 10 days the site has been (unknown to me) getting an SSL expired error in browsers. You can see the results of that here: https://www.ssllabs.com/ssltest/analyze.html?d=jonathanevatt.com
When I check the certificate, I get the following:
~$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/jonathanevatt.com.conf
-------------------------------------------------------------------------------
Attempting to parse the version 0.29.1 renewal configuration file found at /etc/letsencrypt/renewal/jonathanevatt.com.conf with version 0.23.0 of Certbot. This might not work.
Cert not yet due for renewal
-------------------------------------------------------------------------------
The following certs are not due for renewal yet:
/etc/letsencrypt/live/jonathanevatt.com/fullchain.pem expires on 2019-03-15 (skipped)
No renewals were attempted.
-------------------------------------------------------------------------------
As you can see, the certificate does not expire until March 2019.
So I thought perhaps Nginx is using a certificate in another location. But I see in Nginx config that it’s calling the certificate from here: (in the /var/www/jonathanevatt.com/conf/nginx/ssl.conf file)
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/jonathanevatt.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/jonathanevatt.com/privkey.pem;
Would someone kindly explain how I can have an SSL certificate loading to browsers which differs from the one shown above?
Thank you,
Jonathan