Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: signal dot wetleaves dot com
I ran this command: certbot --dry-run
It produced this output: --dry-run currently only works with the ‘certonly’ or ‘renew’ subcommands (‘run’)
That doesn’t inspire confidence - the precise command directed by jsha doesn’t work? Not good.
So I foolishly tried: certbot --dry-run --renew
and it gave me: usage: certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] … Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate. certbot: error: ambiguous option: --renew could match --renew-hook, --renew-with-new-domains, --renew-by-default
My web server is (include version): Server version: Apache/2.4.18 (Ubuntu)
Server built: 2018-06-07T19:43:03
The operating system my web server runs on is (include version): Ubuntu 16.04
My hosting provider, if applicable, is: Shouldn’t need that, all they give me is a IP address and connection.
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
Sorry for the confusion. The command you want is:
certbot renew --dry-run
Got a link to where you saw that? The forum is quite busy at the moment and I can’t seem to find it
Ah. In that post @jsha is talking about an upcoming change. If you want to try a test renewal now you should use this instead:
certbot renew --dry-run --preferred-challenges http-01,dns-01
A change in the staging server, yes. Nontheless, the
certbot command presented by @jsha doesn’t work without an actual
certbot renew --dry-run seems to work. So now I run it without the --dry-run right?
I appreciate yalls patience with me.
What do you want to accomplish? The post from @jsha clearly states the change will be activated on next Tuesday. So anything you test know could possibly be very different on Tuesday.
certbot renew --dry-run won’t tell you anything useful just yet - that’s what’s coming on Tuesday.
If you want to do an equivalent test now you should run this instead:
Does that work? If so, you shouldn’t really need to do anything else.
A successful dry run a few minutes ago could have cached TLS-SNI authorizations, though.
I get (among other output): Congratulations, all renewals succeeded.
Respectfully, the message that was sent yesterday resulted in confusion. I suspect yall are getting lots of responses from people like me who mistook the message intent for a requirement RIGHT NOW. So I will wait…
hm, true. Maybe it’s best if we just advise folks to wait until Tuesday?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.