"All renewals failed" but most are OK?

Help
1

When running certbot renew , most of the domains seem fine. But I see an error at the end like this for a bunch of domains that I think are dead (so legitimate errors):

All renewals failed. The following certificates could not be renewed:
  /etc/letsencrypt/live/hereandnowband.org/fullchain.pem (failure)
  /etc/letsencrypt/live/www.andovermassage.co.uk/fullchain.pem (failure)
  /etc/letsencrypt/live/www.gottafindaplacetostay.com/fullchain.pem (failure)
  /etc/letsencrypt/live/www.hashnext.com/fullchain.pem (failure)
  /etc/letsencrypt/live/www.spekeugandaholidays.com/fullchain.pem (failure)
  /etc/letsencrypt/live/www.sugoodacre.com/fullchain.pem (failure)

What is meant by "all" renewals failing here? Seems a bit alarming...!

--

My web server is (include version): Apache

The operating system my web server runs on is (include version): Ubuntu 22.04

My hosting provider, if applicable, is: Jump networks

I can login to a root shell

I'm not using a control panel

The version of my client is: certbot 2.6.0

2

It means that all of the certificates that were due for renewal were tried and failed. You may have other certificates that are not yet due for renewal and so nothing would have been done for those.

You should use certbot delete --cert-name X to delete them if no longer used.
https://eff-certbot.readthedocs.io/en/stable/using.html#safely-deleting-certificates

4 Likes
3

Oh OK, thanks. It just seems like the message should just say, "The following certificates could not be renewed" rather than prefixing that with "All renewals failed". Not a big deal I guess though, but I did do a double take :slight_smile:

1 Like