I just got an email from LetsEncrypt saying we need to force renewal on our certs in the next 12 hours due to a bug on their end. How do we do that with Discourse?
This should work:
ssh firstname.lastname@example.org cd /var/discourse/shared/standalone cp -r ssl ssl_backup rm ssl/* cd /var/discourse ./launcher rebuild app
That worked, thank you!
Did not work for me. The certificates are the same as the ones in the ssl_backup directory, after the rebuild.
I tried 2 times ; and the second I deleted the files manually through WinSCP.
How can we force the renew? Likely need
[Wed 04 Mar 2020 06:33:11 PM UTC] Skip, Next renewal time is: e[1;32mMon 06 Apr 2020 06:24:28 PM UTCe[0m [Wed 04 Mar 2020 06:33:11 PM UTC] Add 'e[1;31m--forcee[0m' to force to renew.
Per the letsencrypt page, try testing your domain here:
You may be safe now.
If not, then you do need to force it. I actually forced it from the CLI elsewhere myself as I use that same domain on a non-discourse site as well.
You’re right, I did not check all my domains, I assumed all were concerned, but the one with Discourse can be ignored.
That’s said, I’ve also figured out how to force renew:
./launcher enter app
"/shared/letsencrypt"/acme.sh --cron --home "/shared/letsencrypt" --force
I don’t know if there is a more direct way, but it worked after refreshing website cache.
You also need to disable cloudflare if you’re using it. I know the discourse devs recommend against it, but it works for me.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.