I followed the instructions on Certbot to the letter, to install a cert on my brand new, fully up to date Ubuntu 16.04 LTS VPS, for the domain server05.pepsoft.org. The installation worked and I can reach my server via SSL. However the instructions for testing the automatic renewal fail with the following messages:
letsencrypt renew --dry-run
Processing /etc/letsencrypt/renewal/server05.pepsoft.org.conf
2016-09-11 16:15:52,218:WARNING:letsencrypt.client:Registering without email!
2016-09-11 16:15:53,980:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/server05.pepsoft.org.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree in order to register with the ACME server at https://acme-staging.api.letsencrypt.org/directory
(You can set this with the --agree-tos flag). Skipping.
** DRY RUN: simulating 'letsencrypt renew' close to cert expiry
** (The test certificates below have not been saved.)All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/server05.pepsoft.org/fullchain.pem (failure)
** DRY RUN: simulating 'letsencrypt renew' close to cert expiry
** (The test certificates above have not been saved.)
1 renew failure(s), 0 parse failure(s)
My questions are:
- How do I fix this situation?
- Can the instructions be updated so that they correctly take this situation into account?
I found other threads about the same problem, but they don't actually provide a solution, nor have the instructions been fixed. I know I can add --agree-tos to the command line, but I don't know if that is the correct solution (in which case the instructions should reflect that), and that still generates the warning about "registering without email". I also found a "tos = False" line in the conf file, but setting that to True made no difference.
If necessary I can provide config files, log files, etc.