Renewed cert but still invalid

Hi.
I’ve installed nextcloud with a web guide and now my certificate is expired.
I renew it with certbot but if visit my nextcloud site is still says that my cert is expired. However, if visit my default web site (apache default page) the cert is valid.
I don’t know where is the cert config on nextcloud settings, but I think this settings are getting the certificate on another path.

Where can i check in nextcloud settings? Into /var/www/html/nextcloud/config/config.phpconfig.php there isn’t nothing about certs

Thanks

There should be an apache config file for nextcloud in /etc/apache2/sites-available, where also the apache default config is. There are the path declarations for the certs. Edit them and restart apache.

Yes, on /etc/apache2/sites-available/default-ssl.conf I set the path to the certs, but I’ve on sites-available directory any nextcloud.conf. Is for that I think there is somewhere an another nextcloud file configuration.

Look into /etc/apache2/sites-enabled/ There should be only symlinks into sites/enabled, but maybe by mistake the file has been created there.

Enter this command:

sudo apachectl -S

it should list all virtual hosts and refer to the config files where they are declared. Look for lines like

VirtualHost configuration:

There may be several such lines. Thereafter you find the vhost declarations.

Do you restart the web server?

Yes, of course

Try to acceed to your website in private navigation and check if it works

This is the output for sudo apachectl -S

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:443                  127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex default: dir="/var/run/apache2/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33

And this is my 000-default.conf

<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ServerName mydomain.com

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLCertificateFile /etc/ssl/certs/mydomain.com.fullchain.pem
        SSLCertificateKeyFile /etc/ssl/private/mydomain.com.privkey.pem
</VirtualHost>

Try this:

You need the RAW file. Run it with sudo bash activate-tls.sh

So you get the default apache site by
https://127.0.1.1
or
https://mydomain.com

is that right? By which address can you access your nextcloud?

Just to clarify, is your default Apache site the one serving Nextcloud? Do you have Nextcloud installed in /var/www/html ?

Just in case the issue is with the browser cache or something, you can look at the cert it’s providing with OpenSSL:

openssl s_client -connect my domain.com:443 | openssl x509 -noout -text

Near the top it will list the validity dates as not before/not after.

Not work for me. Finally, I setting up the apache sites-availables manually and with certbot all works fine.

Thanks for the command. Very useful for checking my https sites