How to renew Lets encrypt certificate in ejabberd configured server?

Question

How to renew Lets encrypt certificate in ejabberd configured server? My server is Debian-jessie and I have tried to renew SSL certificates using the below command, certbot certonly -d mydomainname

But it produced an unexpected error:

Failed authorization procedure. : urn:acme:error:connection ::Timeout during connect (likely firewall problem). Skipping.

Timeout during connect (likely firewall problem)

To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.

Answer 1

Found the proper answer for this:

You need to stop the service ejabberd service before you do the process,

 service ejabberd stop

Then move the expired ssl pem file to somewhere else,

mv /etc/ejabberd/ejabberd.pem  /etc/ejabberd/ejabberd.pem.backup

Go to the directory where the cert boot locating,

cd /root

Enter the below command in-order to renew the certificate for the required domain

certbot certonly --webroot -w /etc/ejabberd -d yourdomain.com --force-renewal --rsa-key-size 4096

Then merge the generated ssl files to the ejabberd configuration file

cat /etc/letsencrypt/live/yourdomain.com/privkey.pem /etc/letsencrypt/live/chat.yourdomain.com/fullchain.pem > ejabberd.pem

Then move the pem file to the ejabberd root path

mv ejabberd.pem /etc/ejabberd

chown ejabberd /etc/ejabberd/ejabberd.pem

Enable ejabberd service

service ejabberd start

service ejabberd status