Cannot renew certificate: tcp port 80 is already used by (("nginx",pid=

My domain is:

I ran this command: --renew -d

It produced this output:

[Tue 06 Feb 2024 07:02:07 PM CET] Renew: ''
[Tue 06 Feb 2024 07:02:07 PM CET] Using CA:
[Tue 06 Feb 2024 07:02:07 PM CET] Standalone mode.
[Tue 06 Feb 2024 07:02:07 PM CET] LISTEN    0         128           *        users:(("nginx",pid=25772,fd=8),("nginx",pid=25771,fd=8),("nginx",pid=733,fd=8))
LISTEN    0         128                   [::]:80                  [::]:*        users:(("nginx",pid=25772,fd=9),("nginx",pid=25771,fd=9),("nginx",pid=733,fd=9))
[Tue 06 Feb 2024 07:02:07 PM CET] tcp port 80 is already used by (("nginx",pid=25772,fd=8),("nginx",pid=25771,fd=8),("nginx",pid=733,fd=8))
80                  [
[Tue 06 Feb 2024 07:02:07 PM CET] Please stop it first
[Tue 06 Feb 2024 07:02:07 PM CET] _on_before_issue.

My web server is (include version): nginx/1.14.2

The operating system my web server runs on is (include version): "Debian GNU/Linux 10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): / v2.8.8

I have two certificates on that server one for and another for with the SAN domains and --list gives me:

Main_Domain                KeyLength  SAN_Domains                                        CA               Created                          Renew    ""         no                                         Sat 19 Nov 2022 09:30:22 AM UTC  Wed 18 Jan 2023 09:30:22 AM UTC   "",  Tue 06 Feb 2024 06:01:13 PM UTC  Sat 06 Apr 2024 06:01:13 PM UTC

I am pretty sure this setup worked in the past. But since Januray 2023 the certificate for won't renew while it works fine for

Am I doing anything wrong?

Hello @chris492, welcome to the Let's Encrypt community. :slightly_smiling_face:

More support is here Issues · acmesh-official/ · GitHub


Or we could ping @Neilpang for a leg up!


Why are you using standalone mode instead of webroot mode? Did you add (or reconfigure) nginx recently?


Webroot would be good.


Thanks for Ping me.

@chris492 you first issued the cert with standalone mode, which used your 80 port. and later you started your nginx server, which is listening on 80 port now. So, when you renew your cert, it tries to use the 80 port, but it's used by nginx already.

please issue the cert again with webroot mode.


Hi Neilpang, thanks for your advice.

It works with using --issue -d -w /var/www/nextcloud/. Let's see if the certificate will be renewed after two month.

I tried with --issue --nginx -d -w /var/www/nextcloud/
but got the error error: Invalid response from 404

Just to clarify what has been installed on that server:

  • I first used it just as a mail server. But I installed Nginx right from the beginning for the certificate and Rspamd. I issued the certificate for with the SAN domains and
  • Later I added a Nextcloud server. I issued a second certificate again using the Nginx mode. That worked fine at least one time as I gto a certifica. But that certificate was not renewed.
1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.