Auto renewal failing, manual renewal ok

mbaldazzi85 · December 4, 2020, 5:42pm

I'm running some servers protected with Letsencrypt and I'm freaking out about how to make auto-renewal work ... if I manually launch the renewal everything works fine.

In the log letsencrypt.log I find this error "Requesting acme-v02.api.letsencrypt.org/directory: Network is unreachable. Skipping."

the server is ubuntu 20 with apache behind a proxy and had set all variables in /etc/environment as well, i also set in /etc/cron.d/certbot export http_proxy = ...... && https_proxy = ...... command, but is the same.
the only different thing from another environment where everything works properly is that the icmp (traceroute) protocol is not open on the firewall.

I honestly don't understand why with the "certbot renew --dry-run" command everything works properly while it doesn't work automatically.

what did i do wrong?

Rip · December 4, 2020, 8:32pm

@mbaldazzi85 Welcome!

The best talent on this forum are reluctant to spend valuable time guessing at solutions when they have been provided so little information. Especially since you have indicated a proxy and firewall in your topology... More information would help get you a working solution a lot faster.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com 1), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version): Apache

The operating system my web server runs on is (include version): Ubuntu 20

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

system · January 3, 2021, 8:25pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.