Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: no-data.org
I ran this command: sudo certbot renew --dry-run
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/no-data.org.conf
Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for no-data.org
Cleaning up challenges
Attempting to renew cert (no-data.org) from /etc/letsencrypt/renewal/no-data.org.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Input the webroot for no-data.org:. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/no-data.org/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/no-data.org/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)
1 renew failure(s), 0 parse failure(s)
My web server is (include version):
Apache/2.4.34 (Ubuntu)
The operating system my web server runs on is (include version):
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.10
My hosting provider, if applicable, is:
digitalocean
I can login to a root shell on my machine (yes or no, or I don’t know):
@
:
# #yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0
Additional info:
-
Showing ssl-params.conf:
ServerAdmin admin@no-data.org
DocumentRoot /var/www/html
ErrorLog {APACHE_LOG_DIR}/error.log CustomLog {APACHE_LOG_DIR}/access.log combined
SSLEngine on
#SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateFile /etc/letsencrypt/live/no-data.org/fullchain.pem
#SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateKeyFile /etc/letsencrypt/live/no-data.org/privkey.pem
<FilesMatch “.(cgi|shtml|phtml|php)$”>
SSLOptions +StdEnvVars
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
BrowserMatch “MSIE [2-6]”
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
-
Showing letsencrypt.log traceback:
Input the webroot for no-data.org:
2019-06-26 09:48:36,513:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2019-06-26 09:48:36,514:ERROR:certbot.renewal: /etc/letsencrypt/live/no-data.org/fullchain.pem (failure)
2019-06-26 09:48:36,515:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.31.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1365, in main
return config.func(config, plugins)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1272, in renew
renewal.handle_renewal_request(config)
File “/usr/lib/python3/dist-packages/certbot/renewal.py”, line 477, in handle_renewal_request
len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
- Showing no-data.org.conf:
renew_before_expiry = 30 days
version = 0.31.0
archive_dir = /etc/letsencrypt/archive/no-data.org
cert = /etc/letsencrypt/live/no-data.org/cert.pem
privkey = /etc/letsencrypt/live/no-data.org/privkey.pem
chain = /etc/letsencrypt/live/no-data.org/chain.pem
fullchain = /etc/letsencrypt/live/no-data.org/fullchain.pem
#webroot = /var/www # this produces same result
Options used in the renewal process
[renewalparams]
account = 16d0bceda76c2f368158b13ebdca2f6b
authenticator = webroot
server = https://acme-v02.api.letsencrypt.org/directory
@
:/etc/letsencrypt/live/no-data.org# certbot renew --cert-name 