I’m trying to set up auto-renew and I’m not sure if it’s working, here is an abridged output of the command:
sudo certbot renew --dry-run
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/ultimaterehabestimator.com/fullchain.pem (success)
/etc/letsencrypt/live/ultimaterehabestimator.com-0001/fullchain.pem (success)
/etc/letsencrypt/live/www.ultimaterehabestimator.com/fullchain.pem (success)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)
Running post-hook command: nginx
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:444 failed (98: Address already in use)
nginx: [emerg] still could not bind()
Interesting, it looks like the previous person who obtained the certificates tried a couple of slightly contradictory methods for obtaining them, perhaps without realizing that all of the old methods were being saved rather than being replaced by the new ones.
I think there will be an option for deleting some of these and just keeping the one that works best, but it might be a little subtle to figure out which one that is. Could you also please run certbot certificates so we can see exactly which domain names each of these covers?