Hello all of you.
I’m having trouble: Cerbot doesn’t automatically renew ssl after 90 days
I am using the operating system: Centos 6
I am using webserver: nginx (LEMP)
And follow the instructions in this link: https://certbot.eff.org/lets-encrypt/centos6-nginx
However, sites that are not automatically renewed, I have to manually renew. Please help me! Thanks
Did you create a cronjob for certbot-auto?
In /var/log/letsencrypt/, do you see any log files from when Certbot attempted renewal but failed? Can you post one of those log files?
Let me find the log file and send you 
This is the latest log:
2019-01-21 00:19:18,469:DEBUG:certbot.main:certbot version: 0.30.0
2019-01-21 00:19:18,469:DEBUG:certbot.main:Arguments:
2019-01-21 00:19:18,470:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-01-21 00:19:18,493:DEBUG:certbot.log:Root logging level set at 20
2019-01-21 00:19:18,494:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-01-21 00:19:18,561:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7fb91e0007f0> and installer <certbot.cli._Default object at 0x7fb91e0007f0>
2019-01-21 00:19:18,606:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-01-11 16:53:12 UTC.
2019-01-21 00:19:18,606:INFO:certbot.renewal:Cert is due for renewal, auto-renewing…
2019-01-21 00:19:18,606:INFO:certbot.renewal:Non-interactive renewal: random delay of 377 seconds
2019-01-21 00:25:35,707:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2019-01-21 00:25:35,713:DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#nginx): Could not find a usable ‘nginx’ binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/certbot/plugins/disco.py”, line 132, in prepare
self._initialized.prepare()
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/certbot_nginx/configurator.py”, line 145, in prepare
"Could not find a usable ‘nginx’ binary. Ensure nginx exists, "
certbot.errors.NoInstallationError: Could not find a usable ‘nginx’ binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
2019-01-21 00:25:35,716:DEBUG:certbot.plugins.selection:No candidate plugin
2019-01-21 00:25:35,716:DEBUG:certbot.plugins.selection:No candidate plugin
2019-01-21 00:25:35,716:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
2019-01-21 00:25:35,716:INFO:certbot.main:Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(“Could not find a usable ‘nginx’ binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.”,)
2019-01-21 00:25:35,717:WARNING:certbot.renewal:Attempting to renew cert (vietnamesetyping.com) from /etc/letsencrypt/renewal/vietnamesetyping.com.conf produced an unexpected error: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(“Could not find a usable ‘nginx’ binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.”,). Skipping.
2019-01-21 00:25:35,721:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/certbot/renewal.py”, line 452, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/certbot/main.py”, line 1186, in renew_cert
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, “certonly”)
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/certbot/plugins/selection.py”, line 237, in choose_configurator_plugins
diagnose_configurator_problem(“authenticator”, req_auth, plugins)
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/certbot/plugins/selection.py”, line 341, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(“Could not find a usable ‘nginx’ binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.”,)
Great. So here's the crux of the issue:
On most Linux systems, the nginx binary would be located on the $PATH when Certbot runs. What's this show?
command -v nginx
Can you show us how you setup the the cronjob? This may affect how the $PATH is populated when the cron task actually runs.
One thing in your environment that could cause this issue is a couple of lines in /etc/crontab that usually look something like:
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
If your nginx binary is not located in one of the directories specified in that PATH= line, then Certbot would fail in the way from your log file.
So the remedy would be to add the directory where the nginx binary is located, to that line.
My crontab command is:
0 0,12 * * * python -c ‘import random; import time; time.sleep(random.random() * 3600)’ && /path/to/certbot-auto renew
Inside: /path/to/certbot-auto is root/cerbot/certbot-auto
This is confusing/unclear to me...
Does calling this command directly work (or even do anything)?:
/path/to/certbot-auto renew
Or does it only work with?:
/root/cerbot/certbot-auto renew
Make sure your /etc/crontab's PATH= line contains the directory in which your nginx binary is located.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.