Litespeed + Certbot - Invalid cert, expired

Question

I keep getting an issue where my site reports the site as having an invalid SSL.

ERR_CERT_DATE_INVALID (in chrome)

It is simply fixed by restarting LSWS.

I therefore checked my cron for certbot and it looks correct?

0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew  --deploy-hook "systemctl restart lsws"

I also checked the status of my certs - they are fine Expiry Date: 2021-07-28 08:54:31+00:00 (VALID: 56 days)

Therefore I am a bit unsure as to what is going on here. Possibly the cron is incorrect? And it is not actually restarting LSWS

Running: Ubuntu 20.04.1 LTS LiteSpeed/1.6.17 Open

Why do you have a cron job at all? This should be handled with the existing systemd timer. — Michael Hampton, Jun 01 '21 at 13:19

score 0 · Answer 1 · answered Jun 02 '21 at 07:13

The CertBot cronjob is correct. Before systemd updates, we can mix up in use with "lswsctrl"/"service" and "systemctl" to restart lsws, but after the certain update, it messed up with systemctl. Like if you have a process start with lswsctrl start then systemctl restart/stop won't touch it.

Please run follow commands,

/usr/local/lsws/bin/lswsctrl stop
systemctl stop lsws
systemctl start lsws

and "lsws restart" should start working properly next time with the certbot hook.

Litespeed + Certbot - Invalid cert, expired

1 Answers1