Cannot renew certificate

It would seem that neither of those is the case.
[which begs the question: Is it ever the case? - If not, why have the code?]


The web server is an internal machine behind a router. It's IP number is so when the connection is made from the outside world, the IP that it is connected to is

So, why have that code there?


I did try commenting out those lines, restarting apache and doing the certbot dryrun. It didn't help with problem.

When I had a PCI scan a while ago, they had a complaint that I don't completely recall but adding those lines fixed the problem they were seeing.

We didn't say it would fix the problem.
It is just us trying to clean things up and reduce the amount of things to deal with.

My suggestion remains:


I am not familiar with --webroot What is it?

User Guide — Certbot 2.6.0 documentation (


First, my apologies, I just commented out those lines and restarted apache and the certbot renew worked just fine. Was sure I had already tried that but I guess I hadn't restarted apache. Anyway, I will take a look at using webroot and thanks for all of your help.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.