I got a reminder from Redsift that my certificates are going to expire in a week. Usually discourse will renew the certificates well ahead of time. This time not so, before I start doing a rebuild (which is supposed to solve the issue), @Falco is there anything you want me to check and post back here to help get to the root of why the certificates did not renew?
The root certificate is ISRGX1 and here is the expiring certificate information:
But it’s been over a day since I updated the forum software and the certificate doesn’t appear to have been updated yet. It’s got 5 days before it expires so it really needs to be renewed soon.
I’m on the Discouse stable branch if that makes a difference. Is it possible the endpoint fix hasn’t been backported?
We have had the same experience of SSL not renewing.
It would be great if someone could double check that web.ssl.template is behaving correctly on discourse-docker, it appeared to me that port 80 was not actually serving any /.well-known/ URLs used by Let’s Encrypt, all URLs were forwarding to SSL including test files I manually placed into /var/www/discourse/public/.well-known/ . I had to edit /etc/nginx/conf.d/outlets/before-server/20-redirect-http-to-https.conf directly inside the app container.