Autorenew gives errors using nginx and ubuntu

I’m trying to set up auto-renew and I’m not sure if it’s working, here is an abridged output of the command:

sudo certbot renew --dry-run

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/ultimaterehabestimator.com/fullchain.pem (success)
/etc/letsencrypt/live/ultimaterehabestimator.com-0001/fullchain.pem (success)
/etc/letsencrypt/live/www.ultimaterehabestimator.com/fullchain.pem (success)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)
Running post-hook command: nginx

nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] still could not bind()

Hi @RobinReborn,

How did you originally obtain these certificates? (What commands did you run?)

It’s a legacy project so the certificates were there before I started working on it.

OK, can you post the result of running this command as root?

cat /etc/letsencrypt/renewal/*

renew_before_expiry = 30 days

version = 0.17.0
archive_dir = /etc/letsencrypt/archive/ultimaterehabestimator.com-0001
cert = /etc/letsencrypt/live/ultimaterehabestimator.com-0001/cert.pem
privkey = /etc/letsencrypt/live/ultimaterehabestimator.com-0001/privkey.pem
chain = /etc/letsencrypt/live/ultimaterehabestimator.com-0001/chain.pem
fullchain = /etc/letsencrypt/live/ultimaterehabestimator.com-0001/fullchain.pem

Options used in the renewal process

[renewalparams]
authenticator = nginx
installer = nginx
account = aa6e30c1172b7d6dbfdd3e9b7c2ad224

renew_before_expiry = 30 days

cert = /etc/letsencrypt/live/ultimaterehabestimator.com/cert.pem
privkey = /etc/letsencrypt/live/ultimaterehabestimator.com/privkey.pem
chain = /etc/letsencrypt/live/ultimaterehabestimator.com/chain.pem
fullchain = /etc/letsencrypt/live/ultimaterehabestimator.com/fullchain.pem
version = 0.17.0
archive_dir = /etc/letsencrypt/archive/ultimaterehabestimator.com

Options and defaults used in the renewal process

[renewalparams]
installer = nginx
authenticator = standalone
account = aa6e30c1172b7d6dbfdd3e9b7c2ad224
pre_hook = nginx -s stop
post_hook = nginx

renew_before_expiry = 30 days

cert = /etc/letsencrypt/live/www.ultimaterehabestimator.com/cert.pem
privkey = /etc/letsencrypt/live/www.ultimaterehabestimator.com/privkey.pem
chain = /etc/letsencrypt/live/www.ultimaterehabestimator.com/chain.pem
fullchain = /etc/letsencrypt/live/www.ultimaterehabestimator.com/fullchain.pem
version = 0.17.0
archive_dir = /etc/letsencrypt/archive/www.ultimaterehabestimator.com

Options and defaults used in the renewal process

[renewalparams]
installer = nginx
authenticator = nginx
account = aa6e30c1172b7d6dbfdd3e9b7c2ad224

Interesting, it looks like the previous person who obtained the certificates tried a couple of slightly contradictory methods for obtaining them, perhaps without realizing that all of the old methods were being saved rather than being replaced by the new ones.

I think there will be an option for deleting some of these and just keeping the one that works best, but it might be a little subtle to figure out which one that is. Could you also please run certbot certificates so we can see exactly which domain names each of these covers?

3 posts were split to a new topic: Nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.