Renewing Let’s Encrypt Certificate for OwnCloud

Assuming you have followed the steps in the previous article to get your certificate, then you should be able to run this if your certificate is not expired.
cd /tmp/letsencrypt
sudo ./letsencrypt-auto renew

or to get a new certificate

sudo ./letsencrypt-auto -c /path/to/ -d domain -d auth

That may not happen if you have done fancy stuff on your website.


Google Chrome will not go to your website, so for troubleshooting use Firefox. Letsencrypt does not follow the same warnings that Google Chrome shows. It also does not care about HSTS headers.

You are going to have to reissue the certificate because renew will not work.

Document Root

If you are telling Apache that should just be, then anything placed  on your server for letsencrypt will not be visible you need to temporarily disable that override.

Change DocumentRoot from /var/www/owncloud to /var/www

sudo vim /etc/apache2/sites-available/ownCloud-ssl.conf
sudo vim /etc/apache2/conf-available/owncloud-ssl.conf

Certificate Location

The following is the contents of my file.

rsa-key-size = 4096
server =
text = True
authenticator = webroot
agree-tos = True
renew-by-default = True
email =
webroot-path = /var/www/html

Since I set webroot-path to /var/www/html, I need to create a logical link in /var/www/ to the .well-known directory so that the verification can work.

make logical link
cd /var/www
ln -s -T html/.well-known/ .well-known

Restart Server

You can do reload> or restart but both work.
sudo service apache2 restart

This entry was posted in How-To, Nextcloud/OwnCloud and tagged , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s