I’m try to renew my cert now, it will Expiry after 18 days.
domain: astr.moe
certbot verstion: 0.24.0
with CloudFlare
$ sudo certbot renew --dry-run
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator dns-cloudflare, Installer nginx
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
Renewing an existing certificate
Attempting to renew cert (astr.moe) from /etc/letsencrypt/renewal/astr.moe.conf produced an unexpected error: Deserialization error: Could not decode 'status' (u'ready'): Deserialization error: Status not recognized. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/astr.moe/fullchain.pem (failure)
/var/log/letsencrypt/letsencrypt.log
2018-06-28 14:09:39,771:DEBUG:acme.client:Received response:
HTTP 201
content-length: 547
expires: Thu, 28 Jun 2018 05:09:39 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
location: https://acme-staging-v02.api.letsencrypt.org/acme/order/{Delete}
pragma: no-cache
boulder-requester: 5934668
date: Thu, 28 Jun 2018 05:09:39 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: {Delete}
{
"status": "ready",
"expires": "2018-07-05T05:09:39.641761796Z",
"identifiers": [
{
"type": "dns",
"value": "*.astr.moe"
},
{
"type": "dns",
"value": "astr.moe"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/{Delete}",
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/{Delete}"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/{Delete}"
}
2018-06-28 14:09:39,772:DEBUG:acme.client:Storing nonce: {Delete}
2018-06-28 14:09:39,772:WARNING:certbot.renewal:Attempting to renew cert (astr.moe) from /etc/letsencrypt/renewal/astr.moe.conf produced an unexpected error: Deserialization error: Could not decode 'status' (u'ready'): Deserialization error: Status not recognized. Skipping.
2018-06-28 14:09:39,774:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 422, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1151, in renew_cert
_get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 113, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 297, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains)
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 294, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 326, in _get_order_and_authorizations
orderr = self.acme.new_order(csr_pem)
File "/usr/lib/python2.7/site-packages/acme/client.py", line 779, in new_order
return self.client.new_order(csr_pem)
File "/usr/lib/python2.7/site-packages/acme/client.py", line 606, in new_order
body = messages.Order.from_json(response.json())
File "/usr/lib/python2.7/site-packages/josepy/json_util.py", line 289, in from_json
return cls(**cls.fields_from_json(jobj))
File "/usr/lib/python2.7/site-packages/josepy/json_util.py", line 284, in fields_from_json
slot, value, error))
DeserializationError: Deserialization error: Could not decode 'status' (u'ready'): Deserialization error: Status not recognized
.conf
version = 0.22.2
It can be fix? or maybe I need remove all cert and restart just like I never have any cert?
Maybe I should turn off HSTS first? It is set to Max-Age: 12 months.