Skip to main content

In case anyone is wondering about how to "update" a valid certificate from #letsencrypt that for some reason #prosody states is already expired, just run:

prosodyctl --root cert import /etc/letsencrypt/live

Assuming you have a valid certificate in place already configured for your domain. Saved me some headache!

More info: prosody.im/doc/letsencrypt

#xmpp #selfhost

Let’s Encrypt – Prosody IM

prosody.im
#xmpp #selfhost #prosody #letsencrypt
in reply to Klaus Zimmermann

Prosody IM
Prosody IM
Yup! This should be run in a deploy hook (supported by most ACME tools), or alternatively just stick it in a daily cron job/systemd timer.
in reply to Prosody IM

Klaus Zimmermann
Klaus Zimmermann
@prosodyim yup, lesson learned right there. But for me the hook on certbot's renew command didn't work because certbot itself didn't see the need to update the certificate (as it was within the safe validity period) and failed the command, thus cancelling the hook. Running the hook command straight fixed the issue. `prosodyctl check certs` confirmed success and service was restored shortly afterwards :)
@Prosody IM