Hi all,
I have problems renewing my certificates. I hope you can help me a bit.
My domain is: www.ritchievink.com
Os: Ubuntu 16.04
host: linode
certbot version: 0.28.0
python version: 3.5.2
Logs
My standalone attempt:
certbot certonly --standalone
(Alternatively, add a --installer flag. See https://eff.org/letsencrypt-plugins
and "--help plugins" for more information.)
2021-11-08 08:20:21,600:DEBUG:certbot.main:certbot version: 0.28.0
2021-11-08 08:20:21,602:DEBUG:certbot.main:Arguments: ['--standalone', '-d', 'ritchievink.com', '-d', 'www.ritchievink.com']
2021-11-08 08:20:21,603:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-11-08 08:20:21,617:DEBUG:certbot.log:Root logging level set at 20
2021-11-08 08:20:21,618:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-11-08 08:20:21,619:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2021-11-08 08:20:21,764:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f686201d710>
Prep: True
2021-11-08 08:20:21,765:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f686201d710> and installer None
2021-11-08 08:20:21,765:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2021-11-08 08:20:21,792:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf', new_authzr_uri='https://acme-v01.api.letsencrypt.org/acme/new-authz', body=Registration(contact=('mailto:ritchie46@gmail.com',), agreement='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf', only_return_existing=None, status=None, terms_of_service_agreed=None, key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f6861f395f8>)>)), uri='https://acme-v01.api.letsencrypt.org/acme/reg/4860580'), ecf4c70bb6ee06bf0d82567dd36401c1, Meta(creation_host='laizen', creation_dt=datetime.datetime(2016, 10, 3, 20, 14, 58, tzinfo=<UTC>)))>
2021-11-08 08:20:21,794:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-11-08 08:20:21,797:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2021-11-08 08:20:22,055:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 560, in urlopen
body=body, headers=headers)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 346, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 787, in _validate_conn
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 252, in connect
ssl_version=resolved_ssl_version)
File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 305, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.5/ssl.py", line 377, in wrap_socket
_context=self)
File "/usr/lib/python3.5/ssl.py", line 752, in __init__
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 988, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 633, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 376, in send
timeout=timeout
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 589, in urlopen
raise SSLError(e)
requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.28.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1340, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1209, in certonly
le_client = _init_le_client(config, auth, installer)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 611, in _init_le_client
return client.Client(config, acc, authenticator, installer, acme=acme)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 248, in __init__
acme = acme_from_config_key(config, self.account.key, self.account.regr)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 51, in acme_from_config_key
return acme_client.BackwardsCompatibleClientV2(net, key, config.server)
File "/usr/lib/python3/dist-packages/acme/client.py", line 763, in __init__
directory = messages.Directory.from_json(net.get(server).json())
File "/usr/lib/python3/dist-packages/acme/client.py", line 1097, in get
self._send_request('GET', url, **kwargs), content_type=content_type)
File "/usr/lib/python3/dist-packages/acme/client.py", line 1046, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 468, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 447, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
2021-11-08 08:20:22,057:ERROR:certbot.log:An unexpected error occurred:
Additional info
curl -X GET -I -m 10 https://acme-v02.api.letsencrypt.org/directory
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
More details here: curl - SSL CA Certificates
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
python -c "import requests; print(requests.get(‘https://acme-v02.api.letsencrypt.org/directory’).text)"
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 560, in urlopen
body=body, headers=headers)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 346, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 787, in validate_conn
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 252, in connect
ssl_version=resolved_ssl_version)
File "/usr/lib/python3/dist-packages/urllib3/util/ssl.py", line 305, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.5/ssl.py", line 377, in wrap_socket
_context=self)
File "/usr/lib/python3.5/ssl.py", line 752, in init
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 988, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 633, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 376, in send
timeout=timeout
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 589, in urlopen
raise SSLError(e)
requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "", line 1, in
File "/usr/lib/python3/dist-packages/requests/api.py", line 67, in get
return request('get', url, params=params, **kwargs)
File "/usr/lib/python3/dist-packages/requests/api.py", line 53, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 468, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 447, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)