SSL Certificate has failed to renew on Central

Am pretty new here but am running V1.5 of ODK central but the ssl certificate has failed to renew. Kindly advise on how to resolve.

Does your server have a domain name, or are you trying to work on IP address only?

Letsencrypt does not work on IP address only. You got to have a domain name.

Yes, it has a domain name.

Have you opened ports 80 and 443?

Ports 80 and 443 are all open. Domain was working fine until it expired and the system failed to auto-renew it. When I tried the steps here Renew ssl certificate, I discovered I already have the latest version of ODK and hence stuck on what to do next.

In a desperate effort to try and find answers, I checked the error logs and found this: "This PM2 is not up to date. Upgrade to version 5.2.2" Do you think this could be the problem. If yes, how do I resolve?

Run docker logs central_nginx_1 | less and see what it says. It should like something like this:

writing a new nginx configuration file..
starting nginx with certbot..
Starting the Nginx service
Starting the autorenewal service
Starting certificate renewal process
Requesting an RSA certificate for 'yourserver.example.com'
Certificate not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal; no action taken.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Saving debug log to /var/log/letsencrypt/letsencrypt.log

What do you see?

I increased memory of the server and for some reason the certificate issue got resolved. Not sure what magic happened though...I will look through the logs and dig out for information that could be helpful to another person next time. Thanks all.

1 Like

Glad it's working! It's unlikely that it's memory. Maybe LetsEncrypt was down? Or maybe some network glitch?