Please, find below the required information.
I somehow got to create the certificate three months ago and most probably checked the renewal with --dry-run then (as I normally do). But now I got an email saying that there is a problem in renewal.
I have examined this in the net and it looks like the challenge could go to a different virtual host, BUT
a) I can’t find any duplicates of the host names on the confs as seen fron nginx -T and
b) nginx -t gives no errors
My domain is: shop.kunnat.net (plus a dozen others in the same certificate but all (don’t) work the same.
The service I am needing this certificate will be shut down in the near future, but not in so near future (the cert will expire december 19th).
So a helping hand would be appreciated.
wbr Hannu
I ran this command: certbot-auto renew --dry-run
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/shop.kuntaliitto.fi.conf
Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
.
.
http-01 challenge for shop.kunnat.net
Using default address 80 for authentication.
nginx: [warn] conflicting server name “shop.kunnat.net” on 0.0.0.0:80, ignored
.
.
.
nginx: [warn] conflicting server name Waiting for
verification…
Challenge failed for domain shop.kunnat.net
.
.
.
http-01 challenge for shop.kunnat.net
.
.
Cleaning up challenges
Attempting to renew cert (shop.kunnat.net) from /etc/letsencrypt/renewal/shop.kuntaliitto.fi.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/shop.kunnat.net/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)
(I think this shows enough of the error, I had to remove parts of the log because new user link restriction policy)
My web server is (include version):
nginx/1.10.3
The operating system my web server runs on is (include version): Centos 6.1
My hosting provider, if applicable, is: self-hosted
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot 1.0.0 (certbot-auto)