Can't renew in using cronjob but fine manually


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
alanvilla.com

I ran this cronjob:
41 21 * * * /usr/bin/certbot renew >> /var/log/le-renew.log
43 21 * * * /usr/bin/systemctl reload nginx

It produced this output in mail:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert is due for renewal, auto-renewing…
Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError()
Attempting to renew cert (alanvilla.com) from /etc/letsencrypt/renewal/alanvilla.com.conf produced an unexpected error: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/alanvilla.com/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)

My web server is (include version):
nginx/1.12.2

The operating system my web server runs on is (include version):
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-693.17.1.el7.x86_64
Architecture: x86-64

My hosting provider, if applicable, is:
digital ocean

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

Notes:
When I ran certbot renew manually it worked and renewed the certificate with no issues. But the cron job kept failing.


#2

Under which user does the cron job run?

Show:
which certbot
certbot --version
/usr/bin/certbot --version
ls -l /var/spool/cron/crontabs/
grep certbot /var/spool/cron/crontabs/*


#3

Hey thanks for the response.

which certbot = /usr/bin/certbot

certbot --version = certbot 0.21.1

/usr/bin/certbot --version = certbot 0.21.1

ls -l /var/spool/cron/crontabs/ =
ls: cannot access /var/spool/cron/crontabs/: Permission denied

sudo ls -l /var/spool/cron/crontabs/ =
ls: cannot access /var/spool/cron/crontabs/: No such file or directory

grep certbot /var/spool/cron/crontabs/* =
grep: /var/spool/cron/crontabs/*: Permission denied

sudo grep certbot /var/spool/cron/crontabs/* =
grep: /var/spool/cron/crontabs/*: No such file or directory

Thanks again for the help


#4

How are you renewing the certs?
Where are your cron jobs?
Try:
find / -name crontabs

And you should be able to combine these into one line:

With a
--post-hook
or
--deploy-hook


#5

Yeah so I am able to run it manually but not in a cron job.

When running find / -name crontabs
I get permission errors and when I add sudo I don’t get any errors but I get no answer. Just a new command prompt line

[alan@villaa19-centos7 ~]$ sudo find / -name crontabs
[alan@villaa19-centos7 ~]$


#6

Try:
sudo find / -name cron.d
or
sudo find / -type d -name cron*

Theh ls -l the found directory location(s)


#7

ok so the first command returned
/etc/cron.d

…and when I did an ls -l
I got
-rw-r--r-- 1 root root 128 Aug 3 2017 0hourly


#8

please show
more /etc/cron.d/0hourly
ls -l /etc/cron*
more /etc/crontab


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.