Can't Renew Certificates With Dehydraded

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: reportscores.com

I ran this command: /usr/bin/dehydrated -c

It produced this output:

INFO: Using main config file /etc/dehydrated/config

INFO: Running /usr/bin/dehydrated as alien/wheel

INFO: Using main config file /etc/dehydrated/config

ERROR: Lock file '/etc/dehydrated/var/Lock' present, aborting.

My web server is (include version): Apache 2.4.7

The operating system my web server runs on is (include version):

Slackware

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): dehydrated

1 Like

Hi @smokie

two things are possible:

  • there is another running dehydrated, that blocks -> wait
  • the last run crashed, so that file isn't deleted. Make a backup of that file, delete it. Then try it again. Or rename the file, then try it again.
3 Likes

Perhaps the automated script is waiting for input (like when run in a manual mode).

1 Like

etc/dehydrated/var/Lock is a directory that is empty.

As I understand it, dehydrated is not a service or deamon, it is executed occasionally with cron so I don't understand why it is locked.

Can I use a different client to renew Certs even though I obtained then with dehydrated?

If you use a different client, it will most likely know nothing about the dehydrated certs.
You may be able to get new ones with another client.

As for the "Lock", as I read the error message, the mere presence of the Lock (be it file or folder) signals dehydrated to abort.
Try removing the directory.
But first check that there are no hidden files within it:
ls -la /etc/dehydrated/var/Lock

Then it's a signaling directory, that's the same.

File / directory exists -> one dehydrated is running -> other dehydrated are stopped.

Then remove the directory.

Or select another client.