An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively


#1

Suddenly I’m getting this error when running certbot-auto renew --quiet. How do I fix it? Why is a hook needed – it worked fine as it is in the past?

[root@zitcom ~]# /root/certbot-auto renew --quiet
Attempting to renew cert from /etc/letsencrypt/renewal/tracking.sb-group.dk.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.

The following certs are not due for renewal yet:
[...]
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/tracking.sb-group.dk/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)

[root@zitcom ~]# cat /etc/letsencrypt/renewal/tracking.sb-group.dk.conf
# renew_before_expiry = 30 days
version = 0.9.3
cert = /etc/letsencrypt/live/tracking.sb-group.dk/cert.pem
privkey = /etc/letsencrypt/live/tracking.sb-group.dk/privkey.pem
chain = /etc/letsencrypt/live/tracking.sb-group.dk/chain.pem
fullchain = /etc/letsencrypt/live/tracking.sb-group.dk/fullchain.pem

# Options used in the renewal process
[renewalparams]
authenticator = manual
installer = None
rsa_key_size = 4096
account = [...]
manual_public_ip_logging_ok = True

#2

Hi @emil

I believe as you are using -quiet you need a script to fulfill the challenge as there is no dialogue boxes

@schoen is this correct?

Andrei


#3

Yeah. I found out. The cert shouldn’t even be renewed. My bad.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.