All renewal attempts failed. The following certs could not be renewed:

Help
1

Yeah, I know there are a lot of topis with this issue, but I couldn’t solve it…
Thanks for any helps!!

My domain is: cytconectar.com
I’m using
DigitalOcean
Ubuntu 18.04.3
nginx/1.14.0
certbot 0.31.0

I ran this command:
sudo certbot renew --dry-run

It produced this output:
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Attempting to renew cert (cytconectar.com) from /etc/letsencrypt/renewal/cytconectar.com.conf produced an unexpected error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/cytconectar.com/fullchain.pem (failure)

** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/cytconectar.com/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)

1 renew failure(s), 0 parse failure(s)

and olse the output for cat /var/log/letsencrypt/letsencrypt.log

It produced this output:
2020-04-01 23:29:31,831:DEBUG:certbot.main:certbot version: 0.31.0
2020-04-01 23:29:31,832:DEBUG:certbot.main:Arguments: [’–dry-run’]
2020-04-01 23:29:31,832:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-04-01 23:29:31,847:DEBUG:certbot.log:Root logging level set at 20
2020-04-01 23:29:31,848:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-04-01 23:29:31,857:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f59af850ef0> and installer <certbot.cli._Default object at 0x7f59af850ef0>
2020-04-01 23:29:31,857:DEBUG:certbot.cli:Var dry_run=True (set by user).
2020-04-01 23:29:31,857:DEBUG:certbot.cli:Var server={‘dry_run’, ‘staging’} (set by user).
2020-04-01 23:29:31,857:DEBUG:certbot.cli:Var dry_run=True (set by user).
2020-04-01 23:29:31,858:DEBUG:certbot.cli:Var server={‘dry_run’, ‘staging’} (set by user).
2020-04-01 23:29:31,858:DEBUG:certbot.cli:Var account={‘server’} (set by user).
2020-04-01 23:29:31,869:INFO:certbot.renewal:Cert not due for renewal, but simulating renewal for dry run
2020-04-01 23:29:31,869:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2020-04-01 23:29:32,069:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f59af8a3d68>
Prep: True
2020-04-01 23:29:32,071:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f59af8a3d68>
Prep: True
2020-04-01 23:29:32,072:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7f59af8a3d68> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7f59af8a3d68>
2020-04-01 23:29:32,072:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2020-04-01 23:29:32,075:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri=‘https://acme-staging-v02.api.letsencrypt.org/acme/acct/12305087’, new_authzr_uri=None, terms_of_service=None), 4b75a358a1bdc0d8f71abc9a9fd95d2f, Meta(creation_dt=datetime.datetime(2020, 2, 2, 23, 18, 8, tzinfo=), creation_host=‘ubuntu-s-1vcpu-1gb-sfo2-01’))>
2020-04-01 23:29:32,077:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2020-04-01 23:29:32,079:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
2020-04-01 23:29:32,196:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “GET /directory HTTP/1.1” 200 724
2020-04-01 23:29:32,198:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 01 Apr 2020 23:29:32 GMT
Content-Type: application/json
Content-Length: 724
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“AeWTywuZsI4”: “Adding random entries to the directory”,
“keyChange”: “https://acme-staging-v02.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
letsencrypt.org
],
“termsOfService”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org/docs/staging-environment/
},
“newAccount”: “https://acme-staging-v02.api.letsencrypt.org/acme/new-acct”,
“newNonce”: “https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce”,
“newOrder”: “https://acme-staging-v02.api.letsencrypt.org/acme/new-order”,
“revokeCert”: “https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert
}
2020-04-01 23:29:32,198:INFO:certbot.main:Renewing an existing certificate
2020-04-01 23:29:32,268:DEBUG:acme.client:Requesting fresh nonce
2020-04-01 23:29:32,268:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce.
2020-04-01 23:29:32,299:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “HEAD /acme/new-nonce HTTP/1.1” 200 0
2020-04-01 23:29:32,299:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 01 Apr 2020 23:29:32 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 00014FZ1tc21z00JdAN5Y-BVIdi1wH7XjJnKXEOygeXb09M
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

2020-04-01 23:29:32,300:DEBUG:acme.client:Storing nonce: 00014FZ1tc21z00JdAN5Y-BVIdi1wH7XjJnKXEOygeXb09M
2020-04-01 23:29:32,300:DEBUG:acme.client:JWS payload:
b’{\n “identifiers”: [\n {\n “type”: “dns”,\n “value”: “cytconectar.com”\n },\n {\n “type”: “dns”,\n “value”: “www.cytconectar.com”\n }\n ]\n}’
2020-04-01 23:29:32,304:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
“protected”: “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMjMwNTA4NyIsICJub25jZSI6ICIwMDAxNEZaMXRjMjF6MDBKZEFONVktQlZJZGkxd0g3WGpKbktYRU95Z2VYYjA5TSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ”,
“signature”: “LmMKRuu_WqrWsO7mR1Z-j4fWXetRmij72Eus7HOEMgJzyl1kHQZgzwj5KnMUppZUvrFojq9os6-gtfQETtls4zYVkBkeyPb_g4T5PHTfQZSTGsHfoocniljrfPusYdUdVYP3Za9NzCJknRstwQ3VRxffN8Lg6Li53PrdHTxU1A7dJbp2njS3TzPNkJiMJTs5Vu6MbEqUTHiG6zKmtd4AxyWY-b5gpQFihHUnmUiv4fK-fb_ATCewWTA-pCkxTZuFyid8W4gTTlmxHNba7_y6v9foMDMKHMkIyV_RygwxUClHSduSbAznfa_cJCheq61AyzTyY4qdXm77ztQMkVjlcg”,
“payload”: “ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImN5dGNvbmVjdGFyLmNvbSIKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsCiAgICAgICJ2YWx1ZSI6ICJ3d3cuY3l0Y29uZWN0YXIuY29tIgogICAgfQogIF0KfQ”
}
2020-04-01 23:29:32,366:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “POST /acme/new-order HTTP/1.1” 201 501
2020-04-01 23:29:32,367:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Wed, 01 Apr 2020 23:29:32 GMT
Content-Type: application/json
Content-Length: 501
Connection: keep-alive
Boulder-Requester: 12305087
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/12305087/82638900
Replay-Nonce: 0002TMouY5bQ5GQr4hzuwr80NpeRcE3zrfaDZKHBr-5qd3A
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“status”: “ready”,
“expires”: “2020-04-08T23:29:32.323303422Z”,
“identifiers”: [
{
“type”: “dns”,
“value”: “cytconectar.com
},
{
“type”: “dns”,
“value”: “www.cytconectar.com
}
],
“authorizations”: [
https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923266”,
https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923267
],
“finalize”: “https://acme-staging-v02.api.letsencrypt.org/acme/finalize/12305087/82638900
}
2020-04-01 23:29:32,367:DEBUG:acme.client:Storing nonce: 0002TMouY5bQ5GQr4hzuwr80NpeRcE3zrfaDZKHBr-5qd3A
2020-04-01 23:29:32,368:DEBUG:acme.client:JWS payload:
b’’
2020-04-01 23:29:32,369:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923266:
{
“protected”: “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMjMwNTA4NyIsICJub25jZSI6ICIwMDAyVE1vdVk1YlE1R1FyNGh6dXdyODBOcGVSY0UzenJmYURaS0hCci01cWQzQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My80NjkyMzI2NiJ9”,
“signature”: “Y3lRja8qWPgbytCq_SLDRDpzRy3Pw6tUiAqdfJ6RezDbdtr5HmqMVgTkneQ7I05DDFWYy328GaBcu_C99bMzw3gC3BV_ssk2l5m7pbqkTIs2M6LeuGO6jR_eSJICCdZrwqwowG3q2o4DGconfseqyXJ5tty22QJh1kjoqbYJzXPrHEspAQWPq9_OBrEwRctmlgjclD6rEpnAHCKPg1owJbuRu_r6CUb9UEei8DyRwbFflsEap_-2PSlGPz83dl3CQZbxs1N3uLV1VH5KijUTwyWl0guhuodLitPLufu8rkdS9PZx5sBxQdc9-67dvW7wORcld-HQhWP3xSnuDbfbDg”,
“payload”: “”
}
2020-04-01 23:29:32,403:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/46923266 HTTP/1.1” 200 774
2020-04-01 23:29:32,404:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 01 Apr 2020 23:29:32 GMT
Content-Type: application/json
Content-Length: 774
Connection: keep-alive
Boulder-Requester: 12305087
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001x5I2GAvljNdV2jGB1kb3HBZ1yinIgOkranjENQw_GN8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “cytconectar.com
},
“status”: “valid”,
“expires”: “2020-05-01T23:00:24Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “valid”,
“url”: “https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/46923266/XECKtg”,
“token”: “ICUIW0xo7dmPmYbwgRoAw6kA1CQ5Hv8wD4s3FcXtz_4”,
“validationRecord”: [
{
“url”: “http://cytconectar.com/.well-known/acme-challenge/ICUIW0xo7dmPmYbwgRoAw6kA1CQ5Hv8wD4s3FcXtz_4”,
“hostname”: “cytconectar.com”,
“port”: “80”,
“addressesResolved”: [
“165.22.174.73”,
“2604:a880:2:d0::5363:4001”
],
“addressUsed”: “2604:a880:2:d0::5363:4001”
}
]
}
]
}
2020-04-01 23:29:32,404:DEBUG:acme.client:Storing nonce: 0001x5I2GAvljNdV2jGB1kb3HBZ1yinIgOkranjENQw_GN8
2020-04-01 23:29:32,404:DEBUG:acme.client:JWS payload:
b’’
2020-04-01 23:29:32,406:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923267:
{
“protected”: “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMjMwNTA4NyIsICJub25jZSI6ICIwMDAxeDVJMkdBdmxqTmRWMmpHQjFrYjNIQloxeWluSWdPa3JhbmpFTlF3X0dOOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My80NjkyMzI2NyJ9”,
“signature”: “jCgG_GIz2zpenHZ7QhhZcxQ5qznOJLAOJMiM0rGLMXJFkqVbeQJJxf6tgvVqZa2W2SGGetXaHmBG-oTMGnxitY6olrJ4z8cBL25tQ-U_dDh0JnamsgpSRvuVr8G12I4nevPbSZxzL3g1vywZv5Qi4EmUGoRSmIfFhO_z3TzAOSvSEEsIYobqPZ2VKoEYw9n1KmH20yEcor6Z6LyQPoHeNljEFDmAl11d0zNQl0uDm3IhF1VLp6V8gIqDUfHMOZu17ry–Fm1uNjJFGbNyXpL7m6bez-MLtGzQbIlxG8Y7vecDy8hohf4cFqTulAlc_jATYbhYZpq71bZjPEIFTJc7g”,
“payload”: “”
}
2020-04-01 23:29:32,453:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/46923267 HTTP/1.1” 200 786
2020-04-01 23:29:32,454:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 01 Apr 2020 23:29:32 GMT
Content-Type: application/json
Content-Length: 786
Connection: keep-alive
Boulder-Requester: 12305087
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001LRw_Pj1eEgoXH72TfNngvOuKb2MFdkRLXHX6p6iOGSI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “www.cytconectar.com
},
“status”: “valid”,
“expires”: “2020-05-01T23:00:22Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “valid”,
“url”: “https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/46923267/G4l2eA”,
“token”: “wStZ_sgdYStch0pVd7nMa-R66oIE8on6DZp1UzoDGGk”,
“validationRecord”: [
{
“url”: “http://www.cytconectar.com/.well-known/acme-challenge/wStZ_sgdYStch0pVd7nMa-R66oIE8on6DZp1UzoDGGk”,
“hostname”: “www.cytconectar.com”,
“port”: “80”,
“addressesResolved”: [
“165.22.174.73”,
“2604:a880:2:d0::5363:4001”
],
“addressUsed”: “2604:a880:2:d0::5363:4001”
}
]
}
]
}
2020-04-01 23:29:32,454:DEBUG:acme.client:Storing nonce: 0001LRw_Pj1eEgoXH72TfNngvOuKb2MFdkRLXHX6p6iOGSI
2020-04-01 23:29:32,455:DEBUG:certbot.client:CSR: CSR(file=None, data=b’-----BEGIN CERTIFICATE REQUEST-----\nMIIChzCCAW8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANUL\nb9J1X8Ve+qG8iuI0qblI2gsSFi2ZoyUJ7Q9KbdP6rAmOsdvf8Qz0bWbpbDkPB6MJ\nW4ScBN0DbhcemDLtVs0jkw5N5iKE+Hh/H1Zlpgtcc+iDAeC/pL6fEVBjsZ6N1t9U\ne+kL9Ux7I/QeKXMWwt8Ul+9RTsH8rkugVOI4kRCzS4lZft5cGEC2NoobKzpkaWN8\nBh8TRhD6TIhN5Rbul8X6ZpxMXdGs8YwH4JbP+Srmd1HYhJ/6H3eJ9JcvboqGzO7a\n4yRV/ifzz3lw1URRT4CqjQAslwYT2J/5Zw6lOzhKyVYLhDvjy5EPYLlbnNnzjZwO\n6K/fSyLJRtg+9uyvieUCAwEAAaBCMEAGCSqGSIb3DQEJDjEzMDEwLwYDVR0RBCgw\nJoIPY3l0Y29uZWN0YXIuY29tghN3d3cuY3l0Y29uZWN0YXIuY29tMA0GCSqGSIb3\nDQEBCwUAA4IBAQCpzMyrUnHxs6M434DMP7etjgZFo5DCCk1rT5kSJ6uBY6epnGuT\nsCEj65pL21r9kkqZ/jftCra3J2Bq1J83WFGldHTfwOQFKJRC0KVNvu83qFp302bA\nOpR0vE9dAIurd2GYLaZyinBAP2vKcBnDYJ9si2BTg4KqoWQ0BnVc8025eStDyd4J\nh8bkf3UaJOQijl/qiIG+m7TgQQSsBBGWzjEXwCzu8vp/YiajNV0lnTMvWQ3iXGCU\ndOs2LXTlD4MkOjaqsqOIhtMQvA37uKl6PhKO+W1sSscShdzIWFuVeSs7q6Gg/GdA\nFzNoD9chL+ZSEMnX0z1udPPgg11sO+bnGbs2\n-----END CERTIFICATE REQUEST-----\n’, form=‘pem’)
2020-04-01 23:29:32,456:DEBUG:acme.client:JWS payload:
b’{\n “resource”: “new-cert”,\n “csr”: “MIIChzCCAW8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANULb9J1X8Ve-qG8iuI0qblI2gsSFi2ZoyUJ7Q9KbdP6rAmOsdvf8Qz0bWbpbDkPB6MJW4ScBN0DbhcemDLtVs0jkw5N5iKE-Hh_H1Zlpgtcc-iDAeC_pL6fEVBjsZ6N1t9Ue-kL9Ux7I_QeKXMWwt8Ul-9RTsH8rkugVOI4kRCzS4lZft5cGEC2NoobKzpkaWN8Bh8TRhD6TIhN5Rbul8X6ZpxMXdGs8YwH4JbP-Srmd1HYhJ_6H3eJ9JcvboqGzO7a4yRV_ifzz3lw1URRT4CqjQAslwYT2J_5Zw6lOzhKyVYLhDvjy5EPYLlbnNnzjZwO6K_fSyLJRtg-9uyvieUCAwEAAaBCMEAGCSqGSIb3DQEJDjEzMDEwLwYDVR0RBCgwJoIPY3l0Y29uZWN0YXIuY29tghN3d3cuY3l0Y29uZWN0YXIuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCpzMyrUnHxs6M434DMP7etjgZFo5DCCk1rT5kSJ6uBY6epnGuTsCEj65pL21r9kkqZ_jftCra3J2Bq1J83WFGldHTfwOQFKJRC0KVNvu83qFp302bAOpR0vE9dAIurd2GYLaZyinBAP2vKcBnDYJ9si2BTg4KqoWQ0BnVc8025eStDyd4Jh8bkf3UaJOQijl_qiIG-m7TgQQSsBBGWzjEXwCzu8vp_YiajNV0lnTMvWQ3iXGCUdOs2LXTlD4MkOjaqsqOIhtMQvA37uKl6PhKO-W1sSscShdzIWFuVeSs7q6Gg_GdAFzNoD9chL-ZSEMnX0z1udPPgg11sO-bnGbs2”\n}’
2020-04-01 23:29:32,458:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/finalize/12305087/82638900:
{
“protected”: “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMjMwNTA4NyIsICJub25jZSI6ICIwMDAxTFJ3X1BqMWVFZ29YSDcyVGZObmd2T3VLYjJNRmRrUkxYSFg2cDZpT0dTSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS8xMjMwNTA4Ny84MjYzODkwMCJ9”,
“signature”: “GRmmhzmMOM0PfDqlioRcgbhCVHTyZVMH9QVfJfaESJQyb5jREs48a6heV0zyNQRcUjgW_LIb7ZF-8T2JvY711hDGf–90S17mU96szw13xVycPIhPmiWSj3oVsFlBdGRSU6V71ICo-LH1rXdYTEnENaSKUgKPOL7pCkvlJFZTfqoY5STM_QcrJNKeX7x3dr5Hsi7z3bV1zK3p0Lk0kCeSiaxCvu-SuJZfntwp1wKubqM5Qxr1STWi9EJgx-1l22Qo9T_9f3sqEQYJH492bcUUMB16hS1RMjwZ3x2bqfF28y8-KWEkMUL4-ekUdUXqFd5SrGEBTXGBdhsLRM0sQnOfg”,
“payload”: “ewogICJyZXNvdXJjZSI6ICJuZXctY2VydCIsCiAgImNzciI6ICJNSUlDaHpDQ0FXOENBUUl3QURDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTlVMYjlKMVg4VmUtcUc4aXVJMHFibEkyZ3NTRmkyWm95VUo3UTlLYmRQNnJBbU9zZHZmOFF6MGJXYnBiRGtQQjZNSlc0U2NCTjBEYmhjZW1ETHRWczBqa3c1TjVpS0UtSGhfSDFabHBndGNjLWlEQWVDX3BMNmZFVkJqc1o2TjF0OVVlLWtMOVV4N0lfUWVLWE1Xd3Q4VWwtOVJUc0g4cmt1Z1ZPSTRrUkN6UzRsWmZ0NWNHRUMyTm9vYkt6cGthV044Qmg4VFJoRDZUSWhONVJidWw4WDZacHhNWGRHczhZd0g0SmJQLVNybWQxSFloSl82SDNlSjlKY3Zib3FHek83YTR5UlZfaWZ6ejNsdzFVUlJUNENxalFBc2x3WVQySl81Wnc2bE96aEt5VllMaER2ank1RVBZTGxibk5uempad082S19mU3lMSlJ0Zy05dXl2aWVVQ0F3RUFBYUJDTUVBR0NTcUdTSWIzRFFFSkRqRXpNREV3THdZRFZSMFJCQ2d3Sm9JUFkzbDBZMjl1WldOMFlYSXVZMjl0Z2hOM2QzY3VZM2wwWTI5dVpXTjBZWEl1WTI5dE1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQ3B6TXlyVW5IeHM2TTQzNERNUDdldGpnWkZvNURDQ2sxclQ1a1NKNnVCWTZlcG5HdVRzQ0VqNjVwTDIxcjlra3FaX2pmdENyYTNKMkJxMUo4M1dGR2xkSFRmd09RRktKUkMwS1ZOdnU4M3FGcDMwMmJBT3BSMHZFOWRBSXVyZDJHWUxhWnlpbkJBUDJ2S2NCbkRZSjlzaTJCVGc0S3FvV1EwQm5WYzgwMjVlU3REeWQ0Smg4YmtmM1VhSk9RaWpsX3FpSUctbTdUZ1FRU3NCQkdXempFWHdDenU4dnBfWWlhak5WMGxuVE12V1EzaVhHQ1VkT3MyTFhUbEQ0TWtPamFxc3FPSWh0TVF2QTM3dUtsNlBoS08tVzFzU3NjU2hkeklXRnVWZVNzN3E2R2dfR2RBRnpOb0Q5Y2hMLVpTRU1uWDB6MXVkUFBnZzExc08tYm5HYnMyIgp9”
}
2020-04-01 23:29:32,647:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “POST /acme/finalize/12305087/82638900 HTTP/1.1” 200 603
2020-04-01 23:29:32,648:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 01 Apr 2020 23:29:32 GMT
Content-Type: application/json
Content-Length: 603
Connection: keep-alive
Boulder-Requester: 12305087
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/12305087/82638900
Replay-Nonce: 0001Nah8uiJWfdG002XATca8dEy6jczrXMWIrRAyWHgbeHg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“status”: “valid”,
“expires”: “2020-04-08T23:29:32Z”,
“identifiers”: [
{
“type”: “dns”,
“value”: “cytconectar.com
},
{
“type”: “dns”,
“value”: “www.cytconectar.com
}
],
“authorizations”: [
https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923266”,
https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923267
],
“finalize”: “https://acme-staging-v02.api.letsencrypt.org/acme/finalize/12305087/82638900”,
“certificate”: “https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa07b323ee1ce72b80fef43b47e8ef2988a0
}
2020-04-01 23:29:32,648:DEBUG:acme.client:Storing nonce: 0001Nah8uiJWfdG002XATca8dEy6jczrXMWIrRAyWHgbeHg
2020-04-01 23:29:33,650:DEBUG:acme.client:JWS payload:
b’’
2020-04-01 23:29:33,651:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/order/12305087/82638900:
{
“protected”: “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMjMwNTA4NyIsICJub25jZSI6ICIwMDAxTmFoOHVpSldmZEcwMDJYQVRjYThkRXk2amN6clhNV0lyUkF5V0hnYmVIZyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci8xMjMwNTA4Ny84MjYzODkwMCJ9”,
“signature”: “UULJLPFnZVlkELm1vV2HxReJgencoWSwXBZMgGCkqarUTVij7RkVyRdRWOdAOu2V-CIINcHdKPVA8T_c3XX5RF7scGCAscCVqiWaoxGZbVaXF819CkgAd4TAz1ZIc7ZofPXhnnG84fzma5NkPKch8m-N4pan1J8nZtmIUpDI-qfESsPL3ofhEakxdG9sgqt12iwYypREdi2HOW9xDoNIUD1-NU07jdbukyclMqDGx4nlhQlxBswURld0F0fezyorNf01FJI3oE8nXoFxN6GQ-5bfomV3gocaN6Nn8u6OUza4-SkIGSnOmBNK3uRLc7ybdgm1ox1kv49bKfPRpuscPw”,
“payload”: “”
}
2020-04-01 23:29:33,686:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “POST /acme/order/12305087/82638900 HTTP/1.1” 200 603
2020-04-01 23:29:33,686:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 01 Apr 2020 23:29:33 GMT
Content-Type: application/json
Content-Length: 603
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 00025N_vY3-tmUkcHBl-vxKkhlLXf2DjsQWCvlBXbMBI82U
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“status”: “valid”,
“expires”: “2020-04-08T23:29:32Z”,
“identifiers”: [
{
“type”: “dns”,
“value”: “cytconectar.com
},
{
“type”: “dns”,
“value”: “www.cytconectar.com
}
],
“authorizations”: [
https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923266”,
https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46923267
],
“finalize”: “https://acme-staging-v02.api.letsencrypt.org/acme/finalize/12305087/82638900”,
“certificate”: “https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa07b323ee1ce72b80fef43b47e8ef2988a0
}
2020-04-01 23:29:33,686:DEBUG:acme.client:Storing nonce: 00025N_vY3-tmUkcHBl-vxKkhlLXf2DjsQWCvlBXbMBI82U
2020-04-01 23:29:33,687:DEBUG:acme.client:JWS payload:
b’’
2020-04-01 23:29:33,688:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa07b323ee1ce72b80fef43b47e8ef2988a0:
{
“protected”: “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMjMwNTA4NyIsICJub25jZSI6ICIwMDAyNU5fdlkzLXRtVWtjSEJsLXZ4S2tobExYZjJEanNRV0N2bEJYYk1CSTgyVSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jZXJ0L2ZhMDdiMzIzZWUxY2U3MmI4MGZlZjQzYjQ3ZThlZjI5ODhhMCJ9”,
“signature”: “aFV7y74W_mzBS2GX-NOZk79LIhBZ5cfKsVVi8ePEA3w-6ANGfHURzOAuKW0gksYGXlpO9djrKgHvd4c2qtcZwKHMvTTQRbBsuL4apDF-FVR3ysEVfo1UvsQG7zRqdruJjtCsNKgt_0McwpbAELY1duznxU0TvSkioeNzkgICORv100uoujXnCxzJaplmIlTo9jPu_d1Ts4VHhhgfyKLBBGF4mtJF0U-H0KFp9sCiwnyZlPLi7k1McOLLdLGwPmUKLDRPA5kBOCEK2lVXgpfzhSlk9w7vOVMSWfqsNl3bKTaKWKlxBLxNWW69zPCDh3reFu-ViTonHJdxQPL6tW0wtg”,
“payload”: “”
}
2020-04-01 23:29:33,730:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “POST /acme/cert/fa07b323ee1ce72b80fef43b47e8ef2988a0 HTTP/1.1” 415 168
2020-04-01 23:29:33,731:DEBUG:acme.client:Received response:
HTTP 415
Server: nginx
Date: Wed, 01 Apr 2020 23:29:33 GMT
Content-Type: application/problem+json
Content-Length: 168
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001DskHdL2px2PG93lj-dG-IFzph6etq7AbTt5GufG76GU

{
“type”: “urn:ietf:params:acme:error:malformed”,
“detail”: “Invalid Content-Type header on POST. Content-Type must be “application/jose+json””,
“status”: 415
}
2020-04-01 23:29:33,731:DEBUG:acme.client:Error during a POST-as-GET request, your ACME CA may not support it:
urn:ietf:params:acme:error:malformed :: The request message was malformed :: Invalid Content-Type header on POST. Content-Type must be “application/jose+json”
2020-04-01 23:29:33,731:DEBUG:acme.client:Retrying request with GET.
2020-04-01 23:29:33,731:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa07b323ee1ce72b80fef43b47e8ef2988a0.
2020-04-01 23:29:33,780:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 “GET /acme/cert/fa07b323ee1ce72b80fef43b47e8ef2988a0 HTTP/1.1” 405 103
2020-04-01 23:29:33,781:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Date: Wed, 01 Apr 2020 23:29:33 GMT
Content-Type: application/problem+json
Content-Length: 103
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel=“index”

{
“type”: “urn:ietf:params:acme:error:malformed”,
“detail”: “Method not allowed”,
“status”: 405
}
2020-04-01 23:29:33,781:WARNING:certbot.renewal:Attempting to renew cert (cytconectar.com) from /etc/letsencrypt/renewal/cytconectar.com.conf produced an unexpected error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed. Skipping.
2020-04-01 23:29:33,783:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/certbot/renewal.py”, line 452, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1193, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 116, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File “/usr/lib/python3/dist-packages/certbot/renewal.py”, line 310, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File “/usr/lib/python3/dist-packages/certbot/client.py”, line 369, in obtain_certificate
cert, chain = self.obtain_certificate_from_csr(csr, orderr)
File “/usr/lib/python3/dist-packages/certbot/client.py”, line 301, in obtain_certificate_from_csr
orderr = self.acme.finalize_order(orderr, deadline)
File “/usr/lib/python3/dist-packages/acme/client.py”, line 908, in finalize_order
return self.client.finalize_order(orderr, deadline)
File “/usr/lib/python3/dist-packages/acme/client.py”, line 743, in finalize_order
content_type=DER_CONTENT_TYPE).text
File “/usr/lib/python3/dist-packages/acme/client.py”, line 791, in _post_as_get
return self.net.get(*args, **kwargs)
File “/usr/lib/python3/dist-packages/acme/client.py”, line 1152, in get
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/usr/lib/python3/dist-packages/acme/client.py”, line 1054, in _check_response
raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed

2020-04-01 23:29:33,783:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2020-04-01 23:29:33,783:ERROR:certbot.renewal: /etc/letsencrypt/live/cytconectar.com/fullchain.pem (failure)
2020-04-01 23:29:33,784:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.31.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1365, in main
return config.func(config, plugins)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1272, in renew
renewal.handle_renewal_request(config)
File “/usr/lib/python3/dist-packages/certbot/renewal.py”, line 477, in handle_renewal_request
len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)

1 Like
2

Hi @fede18_lfc,

As per this thread, for example

you most likely need to update to a newer version of Certbot.

The installation instructions for Certbot on Ubuntu 18.04 now recommend using the PPA:

https://certbot.eff.org/lets-encrypt/ubuntubionic-apache

This will allow you to get more recent Certbot releases than the one packaged with your operating system. (Have you updated your OS packages with apt already? Perhaps your operating system itself already has a newer version available.)

2 Likes
3

Is your system up-to-date?

If you run sudo apt update and apt list --upgradeable, does anything need to be upgraded?

1 Like
4

Yeaah! update certbot is the solution! Thanks to both @schoen and @mnordhoff

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/cytconectar.com/fullchain.pem (success)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)

4 Likes
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.