I’m running letscrypt since… something like the beginning of the adventure of let’s encrypt, but today, i’m not able to renew my certificates.
Here the message:
IMPORTANT NOTES:
The following errors were reported by the server:
Domain: mydomain.fr
Type: unauthorized
Detail:
I can’t Renew my certificates:
I ran the command below (./letsencrypt-auto renew), and I’ve got this message:
root@web:/opt/letsencrypt# ./letsencrypt-auto renew
Bootstrapping dependencies for Debian-based OSes… (you can skip this with --no-bootstrap)
Réception de :1 http://debian.mirrors.ovh.net/debian buster InRelease
Réception de :2 http://debian.mirrors.ovh.net/debian buster-backports InRelease [46,7 kB]
Atteint :3 http://security.debian.org buster/updates InRelease
164 ko réceptionnés en 2s (104 ko/s)
Lecture des listes de paquets… Fait
Lecture des listes de paquets… Fait
Construction de l’arbre des dépendances
Lecture des informations d’état… Fait
augeas-lenses est déjà la version la plus récente (1.11.0-3).
libaugeas0 est déjà la version la plus récente (1.11.0-3).
ca-certificates est déjà la version la plus récente (20190110).
gcc est déjà la version la plus récente (4:8.3.0-1).
libffi-dev est déjà la version la plus récente (3.2.1-9).
libssl-dev est déjà la version la plus récente (1.1.1c-1).
openssl est déjà la version la plus récente (1.1.1c-1).
python est déjà la version la plus récente (2.7.16-1).
python-dev est déjà la version la plus récente (2.7.16-1).
python-virtualenv est déjà la version la plus récente (15.1.0+ds-2).
virtualenv est déjà la version la plus récente (15.1.0+ds-2).
0 mis à jour, 0 nouvellement installés, 0 à enlever et 71 non mis à jour.
Creating virtual environment…
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 2375, in
main()
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 724, in main
symlink=options.symlink)
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 992, in create_environment
download=download,
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 922, in install_wheel
call_subprocess(cmd, show_stdout=False, extra_env=env, stdin=SCRIPT)
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 817, in call_subprocess
% (cmd_desc, proc.returncode))
OSError: Command /opt/eff.org/certbot/venv/bin/python2.7 - setuptools pkg_resources pip wheel failed with error code 1
Traceback (most recent call last):
File “”, line 27, in
File “”, line 19, in create_venv
File “/usr/lib/python2.7/subprocess.py”, line 190, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[‘virtualenv’, ‘–no-site-packages’, ‘–python’, ‘/usr/bin/python2.7’, ‘/opt/eff.org/certbot/venv’]’ returned non-zero exit status 1
To renew certs, I ran this command:
./letsencrypt-auto renew
My web server is (include version):
Server version: Apache/2.4.25 (Debian)
Server built: 2019-04-02T19:05:13
The operating system my web server runs on is (include version): Debian 4.19.37-5 (2019-06-19) x86_64 GNU/Linux
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine: yes
I’m using a control panel to manage my site : no, CLI Only
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): don’t know… these commands give me nothing…
I used to go in /opt/letsencrypt/ and run "./letsencrypt-auto renew".
So now, It's not the good way to do so ?
So, I have to install certbot-auto first, and then ? It will find by "itself" my websites on my server ?
I'm really sorry about my dummies questions, but I did my certificates a long time ago, and I can't really remember how I succeeded.... but now, It doesn't work anymore, and I'm feeling a little bit lost and worried.
Bootstrapping dependencies for Debian-based OSes... (you can skip this with --no-bootstrap)
Réception de :1 Index of /debian/ buster InRelease [118 kB]
Réception de :2 Index of /debian/ buster-backports InRelease [46,7 kB]
Atteint :3 http://security.debian.org buster/updates InRelease
164 ko réceptionnés en 2s (92,4 ko/s)
Lecture des listes de paquets... Fait
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances
Lecture des informations d'état... Fait
augeas-lenses est déjà la version la plus récente (1.11.0-3).
libaugeas0 est déjà la version la plus récente (1.11.0-3).
ca-certificates est déjà la version la plus récente (20190110).
gcc est déjà la version la plus récente (4:8.3.0-1).
libffi-dev est déjà la version la plus récente (3.2.1-9).
libssl-dev est déjà la version la plus récente (1.1.1c-1).
openssl est déjà la version la plus récente (1.1.1c-1).
python est déjà la version la plus récente (2.7.16-1).
python-dev est déjà la version la plus récente (2.7.16-1).
python-virtualenv est déjà la version la plus récente (15.1.0+ds-2).
virtualenv est déjà la version la plus récente (15.1.0+ds-2).
0 mis à jour, 0 nouvellement installés, 0 à enlever et 71 non mis à jour.
Creating virtual environment...
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/virtualenv.py", line 2375, in
main()
File "/usr/lib/python3/dist-packages/virtualenv.py", line 724, in main
symlink=options.symlink)
File "/usr/lib/python3/dist-packages/virtualenv.py", line 992, in create_environment
download=download,
File "/usr/lib/python3/dist-packages/virtualenv.py", line 922, in install_wheel
call_subprocess(cmd, show_stdout=False, extra_env=env, stdin=SCRIPT)
File "/usr/lib/python3/dist-packages/virtualenv.py", line 817, in call_subprocess
% (cmd_desc, proc.returncode))
OSError: Command /opt/eff.org/certbot/venv/bin/python2.7 - setuptools pkg_resources pip wheel failed with error code 1
Traceback (most recent call last):
File "", line 27, in
File "", line 19, in create_venv
File "/usr/lib/python2.7/subprocess.py", line 190, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['virtualenv', '--no-site-packages', '--python', '/usr/bin/python2.7', '/opt/eff.org/certbot/venv']' returned non-zero exit status 1
I’m not certain, but I wonder if one problem is a version conflict somehow between Python 2.7 and Python 3 here.
Could you try deleting /opt/eff.org/certbot/venv and then trying your letsencrypt-auto command again? (as @JuergenAuer alluded to, the official name for this command has been certbot-auto for a few years now, although this difference shouldn’t affect anything here)
Not at first glance. You can try reproducing the problem outside of certbot-auto by running virtualenv --no-site-packages --python /usr/bin/python2.7 /some/path. That may give you more output about what went wrong and at least helps narrow down the problem.
With that said, I recommend you use the packages available in Debian Buster’s repos which can be installed with sudo apt install certbot.
Ok, No problem with certbot installation. I’ve just done it.
How can I renew my certificate, without breaking everything ?
If I get it well, I’ve to recreate certs from scratch… not a problem for me… But is there any chance that a conflict appear between old and new certs ?
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Maybe. Perhaps you should create certificates with two domain names:
I used the standard template in my first message..... But i'll do it again if you want....
My domain is:
I ran this command: cd /opt/letsencrypt/ && ./letsencrypt-auto renew
It produced this output: watch previous messages
My web server is (include version): Apache 2
Server version: Apache/2.4.25 (Debian)
Server built: 2019-04-02T19:05:13
The operating system my web server runs on is (include version): Debian Buster
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): CLI only
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Fresh install, never used : 0.31.0
Switching from certbot-auto to the OS-packaged version of Certbot doesn’t delete or invalidate old certificates, and Certbot should continue to recognize the presence of the previous ones, allowing you to use certbot renew.