An error occurred renewing certificates with Let's Encrypt:

djdonniedeeza · June 4, 2024, 10:16pm

My domain is: shop.stonecountertops.co.za

I ran this command: sudo /opt/bitnami/bncert-tool

It produced this output: An error occurred renewing certificates with Let's Encrypt:

My web server is (include version):

The operating system my web server runs on is (include version): aws

My hosting provider, if applicable, is: lightsail

I can login to a root shell on my machine yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

/tmp/bncert-202406042201.log

MikeMcQ · June 4, 2024, 10:38pm

If you could post the contents of /tmp/bncert-202406042201.log we might be able to help. There isn't a lot in your post for us to work with.

I'd first suggest reviewing the Troubleshooting section for the bncert tool here:
https://docs.bitnami.com/aws/how-to/understand-bncert/

Bruce5051 · June 5, 2024, 3:11am

Here https://dnsviz.net/d/shop.stonecountertops.co.za/dnssec/ is showing some DNSSEC errors
and here Hardenize Report: shop.stonecountertops.co.za is showing DNS Zone errors.

MikeMcQ · June 5, 2024, 3:59am

Adding on to @Bruce5051 info ... with LightSail you probably shouldn't be using Cloudflare alongside the AWS Route53 / Lightsail DNS.

I don't know why https://unboundtest.com and Let's Debug test with Let's Encrypt Staging are even able to get consistent DNS results. But, they do.

So, maybe above are DNS issues are not related to your cert failure but still should be corrected

Will need to see that log I mentioned

https://unboundtest.com/m/A/shop.stonecountertops.co.za/CTZADW6M

djdonniedeeza · June 21, 2024, 10:13pm

/tmp/bncert-202406212210.log

MikeMcQ · June 22, 2024, 2:37am

That is just the name of the log file. You should either use the upload button to send it to this forum. Or, copy/paste the contents into a post.

I see you have improved your DNS. But, there are still errors. See pic below from dnsviz test. It is possible these DNS problems are your only problem. Or, you might have other problems too. In any case you should correct the DNS.

LightSail DNS was slightly different than Route53. I am not sure if it still is. If it is the same as Route53 then you need to make sure the 4 nameservers listed under "Hosted zone details" in the Route 53 console are the same ones listed at both your registrar, and in the NS record for your zone. (Refer to "Step 4" of the documentation for using Route 53 as your DNS .)

system · July 22, 2024, 2:37am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Trying to renew certificate Help	6	1713	February 11, 2019
DNS problem: SERVFAIL looking up A for www.rnelnet.com DNSSEC issue? Help	4	1460	September 13, 2019
Recent Renewal issues Help	3	457	October 17, 2020
Lets-encrypt autorenewal and email problems - linked? Help	3	924	February 3, 2022
Renew certificate error Help	21	143	February 18, 2025

An error occurred renewing certificates with Let's Encrypt:

Related topics