Auto Renew Issue

Hi,
I have successfully installed a letsencrypt certificate manually with certbot through the terminal on my imac following the documentation on certbots website and liquidweb.com. The issue that I’m having now is that I need to make sure I can autorenew the certificates. I’m running into trouble with this. Please see the error below that I’m getting. I think the solution may involve hooks but I’m am very new to this so I’m unsure on exactly what to do. I do not have access to my SSH, only FTP. I’m not sure what other options I have to setup automatic renewal.

Specs:

My domain is: ithacalivingsolutions.com

I ran this command: sudo -H certbot certonly --manual --preferred-challenges http -d www.ithacalivingsolutions.com -d ithacalivingsolutions.com

and also

sudo certbot renew --dry-run

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/www.ithacalivingsolutions.com.conf

Cert not due for renewal, but simulating renewal for dry run
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’)
Attempting to renew cert (www.ithacalivingsolutions.com) from /etc/letsencrypt/renewal/www.ithacalivingsolutions.com.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.ithacalivingsolutions.com/fullchain.pem (failure)

** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.ithacalivingsolutions.com/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)

1 renew failure(s), 0 parse failure(s)

My web server is (include version): Using Liquidweb.com cloudsites

The operating system my web server runs on is (include version): apache

My hosting provider, if applicable, is: Using Liquidweb.com cloudsites

I can login to a root shell on my machine (yes or no, or I don’t know): no

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Hi @ststruff,

Normally Certbot and other Let’s Encrypt clients are meant to be run directly on the web server. It sounds like that’s not a possibility in your hosting environment, which makes Let’s Encrypt a more challenging fit for your setup.

Your three main options are

• change hosting providers
• persuade your hosting provider to offer a better form of Let’s Encrypt integration
• write a script to automate this process

The last option would indeed involve hooks, namely the --manual-auth-hook and --deploy-hook options in Certbot, which let you specify scripts that you’ve written that perform the necessary steps.

You might also be interested in the getssl client, which includes a “remote webroot” feature where the webroot location can be on a remote server:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.