How to renew Lets encrypt certificate in ejabberd configured server? My server is Debian-jessie and I have tried to renew SSL certificates using the below command, certbot certonly -d mydomainname
But it produced an unexpected error:
Failed authorization procedure. : urn:acme:error:connection ::Timeout during connect (likely firewall problem). Skipping.
Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
Found the proper answer for this:
You need to stop the service ejabberd service before you do the process,
service ejabberd stop
Then move the expired ssl pem file to somewhere else,
mv /etc/ejabberd/ejabberd.pem /etc/ejabberd/ejabberd.pem.backup
Go to the directory where the cert boot locating,
cd /root
Enter the below command in-order to renew the certificate for the required domain
certbot certonly --webroot -w /etc/ejabberd -d yourdomain.com --force-renewal --rsa-key-size 4096
Then merge the generated ssl files to the ejabberd configuration file
cat /etc/letsencrypt/live/yourdomain.com/privkey.pem /etc/letsencrypt/live/chat.yourdomain.com/fullchain.pem > ejabberd.pem
Then move the pem file to the ejabberd root path
mv ejabberd.pem /etc/ejabberd
chown ejabberd /etc/ejabberd/ejabberd.pem
Enable ejabberd service
service ejabberd start
service ejabberd status