I'm trying to update my certificate, but I keep getting an error:
Attempting to parse the version 0.20.0 renewal configuration file found at /etc/letsencrypt/renewal/grants.nif.org.au.conf with version 0.19.0 of Certbot. This might not work.
No idea where to go from here.
Thanks.
My domain is: grants.nif.org.au
I ran this command: sudo certbot renew --dry-run
It produced this output:
Attempting to parse the version 0.20.0 renewal configuration file found at /etc/letsencrypt/renewal/grants.nif.org.au.conf with version 0.19.0 of Certbot. This might not work.
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for grants.nif.org.au
Cleaning up challenges
Attempting to renew cert (grants.nif.org.au) from /> etc/letsencrypt/renewal/grants.nif.org.au.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/grants.nif.org.au/fullchain.pem (failure)
My web server is (include version): Apache/2.4.7 (I'm using a Bitnami installation, Bitnami LAMP 5.6.30-2)
The operating system my web server runs on is (include version): Ubuntu 14.04
My hosting provider, if applicable, is: Azure
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
Attempting to renew cert (grants.nif.org.au) from /etc/letsencrypt/renewal/grants.nif.org.au.conf produced an unexpected error: Problem binding to port 443: Could not bind to IPv4 or IPv6.. Skipping.
Well, it should work for now if you stop Apache before performing the renewal and then restart it afterward. If that works, we can then set it so that this happens automatically in the future.
Hello guys, got the same issues, probably 2 versions of certbot.
Attempting to parse the version 0.14.0 renewal configuration file │
│ found at /etc/letsencrypt/renewal/nabil.photo.conf with version │
│ 0.8.1 of Certbot. This might not work.
How can I clean this to just have the last version ?
And how to erase a cert for an abandoned domain ? Revoke ?
No, that’s not expected - if everything was working correctly, it should start using the new certificate right away.
If you copied the files originally, your Apache configuration might still be pointing at the old copies. Search the relevant Apache config file for SSLCertificateFile and SSLCertificateKeyFile - they should be pointed at the symbolic links /etc/letsencrypt/live/grants.nif.org.au/fullchain.pem and /etc/letsencrypt/live/grants.nif.org.au/privkey.pem respectively. If they’re not, you should fix them and restart Apache.
(Those links get updated when the cert is renewed; if you copied the files instead, you would have to copy them again after each renewal)
(EDIT: I assumed when you said you “looked at the certificate” you mean the certificate served by your website, as opposed to the certificate file on your server, right?)
Hi @kameleon1er, do you have certbot-auto installed somewhere?
There is a certbot delete command where you specify a --cert-name to indicate which one to delete (you can find it, among other things, by running certbot certificates).
You could do that, but of course it would temporarily stop your server every time the cron job runs. A better approach would be to use certbot’s hooks. For example, run something like this, once:
Then you can just run /path/to/certbot-auto renew from your cron job, as root, once or twice a day. It remembers the hooks, and they only kick in when the cert is actually due for renewal, so it’s ok to run it that frequently, which gives it a chance to recover in case of a temporary failure.