Community Health Toolkit

Local-ip.co certificate expired

Hello,

On my testing CHT instance, suddenly I could not connect using the local-ip SSL certificate, deployed as described here

The browser is telling my that the certificate expired today. How can I renew it? Just running the script ./scripts/add-local-ip-certs-to-docker.sh
does not renew it.

Could someone advice how to make https access back working again?

Many thanks.

1 Like

@raf - Sorry you’re having this problem! The good news is that re-running the add-local-ip-certs-to-docker.sh script is the way to solve this problem under normal circumstances. You might have to clear your browser cache, but not likely - it should Just Work.

However, the bad news is that that the Local-IP service hasn’t renewed the certificates that they publish:

date                              
Mon Jul 26 08:23:05 PDT 2021

curl -s  http://local-ip.co/cert/server.pem -o server.pem

openssl x509 -enddate -noout -in  server.pem             
notAfter=Jul 26 09:42:25 2021 GMT

We’ll look into a work around, but the easiest solution is that they renew their certificate and you can just re-run the script. Stay tuned!

1 Like

They have updated the cert and we’re back in business here!

@raf please give it another try.

1 Like

Dear both,

Thank you very much for your help. I used that time to take a domain and install a Let’s Encrypt certificate . But good to know that this is fixed!.

@raf - Oh great, glad you were able to resolve your issue with a Let’s Encrypt certificate. If you have a public IP and DNS entry (or can use their DNS-01 challenge ), this a much better solution.

And yes, as @craig mentioned, the local-ip.co certificate has been renewed as well!

1 Like