SSL Renewal Error PHP Fatal error: Uncaught GuzzleHttp

Hi Guys I am experiencing ths SSL renewal error on Ubuntu 18 - Latest ee version.

Any clues on what may be causing this?

root@vps645553:~# sudo ee site ssl-renew www.site.com
Starting SSL cert renewal
Loading current certificate for www.site.com
Starting SSL verification.
PHP Fatal error: Uncaught GuzzleHttp\Exception\RequestException: cURL error 60: SSL certificate problem: certificate has expired (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) in phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php:186
Stack trace:
#0 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(149): GuzzleHttp\Handler\CurlFactory::createRejection(Object(GuzzleHttp\Handler\EasyHandle), Array)
#1 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(102): GuzzleHttp\Handler\CurlFactory::finishError(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Handler\CurlFactory))
#2 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlHandler.php(43): GuzzleHttp\Handler\CurlFactory::finish(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Handler\CurlFactory))
#3 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php(28): Guz in phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php on line 186
Warning: An Error occurred. Initiating clean-up.
Warning: Exiting gracefully after rolling back. This may take some time.
Success: Rollback complete. Exiting now.

1 Like

Hello,

Just rename the cert file for your domain from: /opt/easyengine/services/nginx-proxy/certs to something new and rerun: ee site ssl-renew

Thanks,
Dragos
site: https://www.wpdoze.com/

7 Likes

Thank you so much. This solution. Super helpful for what was a major time consuming problem.

Does not work.

I have 2 sites unavailable now. Incredible.

This comment worked for me on some domains.

Hello,

Just rename the cert file for your domain from: /opt/easyengine/services/nginx-proxy/certs to something new and rerun: ee site ssl-renew

Thanks,
Dragos
site: https://www.wpdoze.com/

Others I had to migrate.

After renaming a file, and back… I can’t access those websites at all.
I restarted the server (restarted sites and services), cleaned cache, nothing… no access.
Might go back to serverpilot.

502 Bad Gateway

Had to reboot the server (ubuntu)… I got the access back. SSL renew still give errors. ffs

This is the biggest issue for normal functioning. Btw my certs never ever renewed themselves. Not even on v3.

Just rename the cert file for your domain from: /opt/easyengine/services/nginx-proxy/certs to something new and rerun: ee site ssl-renew

Solution works here. Thank you, @wpdoze

This worked for me also, thank you. However, should I run this command now as the cronjob cmd to renew ssl? The docs are so wack for 3 vs 4 rn…

That problem only happens if the SSL has expired.
If you have this line below on your crontab it should be fine:

0 12 * * * ee site ssl-renew --all 2> /dev/null # Renew letsencrypt SSL cert. Set by EasyEngine V4
2 Likes

Yea, I only run 1 day a week for this will do the trick! sudo su && crontab -e and jam that in there.

Hi guys, I`m having this major problem in my SSL certificate.
This solution do not work for me.

I put a heart on there…you saved me from a headache!

How can i login to phymyadmin after installing wordpress?

I have the same problem. SSL renewal doesn’t work anymore.
We need hotfix for EE4.

You have to install the easyengine toolset called Admin Tools. You install it via command line.

How I can do that?

awesome :slight_smile: it works like charm,

– I just had to rename - domain crt inside the /opt/easyengine/services/nginx-proxy/certs folder
mv domain.com.crt domain.com.crt1
then -
ee site ssl-renew --all

After I renamed my CRT file, I get a new error:

PHP Fatal error: Uncaught GuzzleHttp\Exception\RequestException: cURL error 51: SSL: no alternative certificate subject name matches target host name ‘my.domain’ (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) in phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php:186

Any help on that would be appreciated.

I used to have renewal problems too. What did I do?

  1. Switch to the root user

su -

  1. Go to

cd /etc/letsencrypt/renewal

  1. Long list files

ls

  1. Use cat command or another one to view the contents of this specific file:

cat mydomain.com.conf

  1. Search the section [[webroot_map]] at the end of the file. If missing add it this way (using nano command or another for editing the file):

[[webroot_map]]

mydomain.com = /var/www/mydomain.com/public_html

www.mydomain.com = /var/www/mydomain.com/public_html

That should solve renew issues with letsencrypt.

1 Like