Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: vvp.lerg.lt
I ran this command: certbot renew --cert-name vvp.lerg.lt
It produced this output:
root@qkqy:~# certbot renew --cert-name vvp.lerg.lt
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert is due for renewal, auto-renewing...
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.')
Failed to renew certificate vvp.lerg.lt with error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.')
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/vvp.lerg.lt/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
My web server is (include version):Apache/2.4.54 (Debian)
The operating system my web server runs on is (include version): debian-11.0-x86_64
My hosting provider, if applicable, is: iv.lt
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 1.12.0
This is your problem. When you originally obtained your cert, for some reason you used --manual in the command line. That's going to prevent you from renewing using the certbot renew command.
well i run this certbot certonly --manual --preferred-challenges dns -d vvp.lerg.lt
and got this
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/vvp.lerg.lt/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/vvp.lerg.lt/privkey.pem
Your certificate will expire on 2023-09-21. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
```
but when i got to the site i dont have the ssl ? do i need to wait or what ?
You don't? Because I'm seeing it redirect to HTTPS with the new cert when I go there.
But you once again got the cert using --manual and DNS validation (again, why?). Therefore, certbot renew will continue to not work and you'll need to continue to manually make changes every time you need to renew the cert.
Besides what Bruce already said: with the certonly subcommand and the --manual plugin Certbot won't interact with your webserver at all. It's the users job to either install the certificate by hand into the webservers configuration (at first issuance) or reload the webserver if it's a renewal.