I am deploying ingress in kubernetes and I am using Lets Encrypt and I am getting this error AttributeError: can't set attribute
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
cp: cannot create regular file '/etc/letsencrypt/live/dev-retail.mrpg.net/nginx.conf': No such file or directory
Reloading nginx: nginx failed!
2024/11/05 13:37:27 [emerg] 24#24: cannot load certificate "/etc/letsencrypt/live/dev-retail.mrpg.net/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/dev-retail.mrpg.net/fullchain.pem, r) error:10000080:BIO routines::no such file)
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/dev-retail.mrpg.net/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/dev-retail.mrpg.net/fullchain.pem, r) error:10000080:BIO routines::no such file)
PS C:\windows\system32>
Welcome @fundan
I don't have enough K8s experience to give details. But, various things about your post are puzzling.
Just fyi certain versions of Certbot (early 2.x) would show "cant set attribute" after having an earlier error. Upgrading to the latest fixes that but not the fundamental problem. Consider this a nuisance and not a problem in itself.
This is the most puzzling. An nginx.conf file does not belong within the Cerbot directory structure. Is that something K8s did or you somehow? Normally that .../live/... folder only contains symlinks to the most recent set of cert files.
Your nginx config is referencing this cert file which does not yet exist. Again, I don't know a lot about K8s but nothing should setup nginx to reference a non-existent file.
So are you running all this on Windows? Can you explain more? Because all the other file paths were for a "linux" system.
Oh, another important question ...
Why are you using Certbot rather than cert-manager for Kubernetes?
Are you following some sort of guide to set this up? If so, which guide. The actual nginx error is that it's trying to load cert files that no longer exist as @rg305 mentioned, and if you are using containers then you could have a volume that's being recreated (and so doesn't have your cert files anymore), so you could make sure you are persisting your storage volumes, by default you won't be.
I'd probably recommend starting again, but this time use cert-manager as @MikeMcQ suggested, because that's the defacto standard on kubernetes. Securing NGINX-ingress - cert-manager Documentation
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.