Certbot fails to be clear about renewal status and does not add IPv6 interface to Nginx on Linux Debian

My domain is:
private

I ran this command:
sudo certbot --nginx -d xyz.xyz.xyz; systemctl status certbot && nginx -t

It produced this output:
"renew the certificate in the background, but you may need to take steps to enable that functionality"
(Full output)

My web server is (include version):
nginx/1.22.1

The operating system my web server runs on is (include version):
Debian Linux 12

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 2.1.0


Hello dear community, I am confused by the above-mentioned command output. I am confused whether my certificate will be automatically renewed or not. If yes, then the message needs to be fixed so that it does not confuse. If no, then why not?

When I do: cat /etc/crontab; crontab -l; find /etc/cron.* -type f|grep cert
The crontabs have no certbot, but there is a file /etc/cron.d/certbot containing:

# Important Note!  This cronjob will NOT be executed if you are
# running systemd as your init system.  If you are running systemd,
# the cronjob.timer function takes precedence over this cronjob.  For
# more details, see the systemd.timer manpage, or use systemctl show
# certbot.timer.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --no-random-sleep-on-renew

It says that it won't be executed if I run systemd, which I do run:
"systemctl show certbot.timer" has output

# systemctl status certbot*
โ— certbot.timer - Run certbot twice daily
     Loaded: loaded (/lib/systemd/system/certbot.timer; enabled; preset: enabled)
     Active: active (waiting) since Tue 2025-05-06 13:49:07 CEST; 20min ago
    Trigger: Tue 2025-05-06 23:13:49 CEST; 9h left
   Triggers: ● certbot.service

May 06 13:49:07 my.hn.local systemd[1]: Started certbot.timer - Run certbot twice daily.

So it looks like a service is running, so the /etc/cron.d/certbot will be ignored...

How can I discover why Certbot is confusing me by telling me that I may need to enable the automatic renewal in the background? Certbot has the ability to check my system and tell me if renewal is enabled or not.

When I installed it for the first time on the same system, I do not remember such a message. After the first installation, I removed the folder /etc/letsencrypt, uninstalled (apt purge) and then installed again (apt install python*certbot-nginx && sudo certbot --nginx -d), and now I have this problem.

By the way, Certbot did not add the IPv6 interface to my nginx.conf, only "listen 443 ssl; # managed by Certbot"
Previously I had added [::]:443 ssl; myself, so I am worried about editing the lines Certbot added.

# ping6 google.com
64 bytes from ...: icmp_seq=1 ttl=117 time=8.71 ms

Thank You

With the --nginx option, if Certbot creates your server block for port 443, it adds listen statements for IPv4 and IPv6 as they were in the server block for port 80. If only IPv4 was in the port 80 block, then only IPv4 will be in the new port 443 block.

Perhaps the message could be clearer.

The reason is that the automated renewal is set up during install. If you used apt, for example, the people who create the apt package are the ones who also set up the automated renewal. That is a different group entirely from the EFF Certbot team. For the snap install, which is recommended, the snap install sets it up. See: https://certbot.eff.org/

People may need to manually set up auto-renew for certain installs (like pip or possibly containers) which makes it very difficult for Certbot to know what was done.

People can also customize the auto-renew in numerous ways which would be difficult if not impossible for Certbot to detect.

If it doesn't yet, that message could refer you to this section of the docs about auto-renew: User Guide — Certbot 4.1.0.dev0 documentation

To request a change to Certbot's operation please visit the EFF's Certbot GitHub: GitHub · Where software is built

3 Likes
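
Added example, not part of the thread and not Certbot's or Debian's own code: a shell check that applies the logic discussed above, where the packaged /etc/cron.d/certbot line disables itself when /run/systemd/system exists, so on a systemd host only an enabled and active certbot.timer counts. The function name `renewal_scheduler` and its ROOT argument (used to point the check at a constructed directory tree) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report which scheduler, if any, will run "certbot renew"
# on a Debian-style apt install of Certbot.

# renewal_scheduler ROOT TIMER_ENABLED TIMER_ACTIVE
#   ROOT          filesystem prefix ("" for the real host; hypothetical parameter)
#   TIMER_ENABLED output of: systemctl is-enabled certbot.timer
#   TIMER_ACTIVE  output of: systemctl is-active certbot.timer
# Prints one of: systemd-timer | cron | none
renewal_scheduler() {
    root=$1
    timer_enabled=$2
    timer_active=$3
    cron_file="$root/etc/cron.d/certbot"

    if [ -d "$root/run/systemd/system" ]; then
        # systemd is the init system: the packaged cron line stops at its
        # "! -d /run/systemd/system" test, so only the timer can renew.
        if [ "$timer_enabled" = enabled ] && [ "$timer_active" = active ]; then
            echo systemd-timer
        else
            echo none
        fi
    elif [ -f "$cron_file" ] && grep -Eq '^[^#]*certbot.*renew' "$cron_file"; then
        # No systemd: an uncommented "certbot ... renew" cron line does the work.
        echo cron
    else
        echo none
    fi
}

# Query the running host and feed the answers to the decision above.
check_host() {
    enabled=$(systemctl is-enabled certbot.timer 2>/dev/null || true)
    active=$(systemctl is-active certbot.timer 2>/dev/null || true)
    renewal_scheduler "" "$enabled" "$active"
}

# Run against the live system only when asked: sh this-script.sh --host
if [ "${1:-}" = "--host" ]; then
    check_host
fi
```

A result of `systemd-timer` or `cron` only says that a renewal run is scheduled; `certbot renew --dry-run` tests whether the renewal itself would succeed.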