Certbot 0.28 option --server seems to not work

My domain is: c2retailsolutions.com

I ran this command: certbot renew --server https://acme-v02.api.letsencrypt.org/directory
It produced this output:

---

Processing /etc/letsencrypt/renewal/c2retailsolutions.com.conf

---

Cert is due for renewal, auto-renewing...

Plugins selected: Authenticator apache, Installer apache

Attempting to renew cert (c2retailsolutions.com) from /etc/letsencrypt/renewal/c2retailsolutions.com.conf produced an unexpected error: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",). Skipping.

My web server is (include version): Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 16.04 LTS

My hosting provider, if applicable, is: gandi

I can login to a root shell on my machine (yes or no, or I don't know): y

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.28

This is probably due to the fact your ca-certificates package is ancient and not due to the fact the --server option isn't working.

Your CA Certificate store is missing ISRG Root X1

For fix on Ubuntu 16 see:

Thanks for the clue @MikeMcQ.

I've ran:
sudo apt-get update
sudo apt update
sudo apt install ca-certificates

Then: certbot renew executed smoothly.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.