Certbot could not find a block error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
zones.dmcontact.com

I ran this command:
certbot renew --dry-run

It produced this output:
Attempting to renew cert (zones.dmcontact.com) from /etc/letsencrypt/renewal/zones.dmcontact.com.conf produced an unexpected error: Certbot could not find a block to include challenges in /etc/nginx/nginx.conf… Skipping.

My web server is (include version): nginx version: nginx/1.14.2

The operating system my web server runs on is (include version):
Debian 10.3

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

We’ve been using Certbot for a while now on various machines in our organization, so this one is a bit of a stickler. I can’t even find anything on Google about this error, “Certbot could not find a block”. Can anyone provide some insight into this one?

1 Like

Hi @Canadian,

This error suggests that Certbot is having trouble parsing your nginx configuration. However, this can be a problem with Certbot’s understanding of nginx configurations rather than a sign that your configuration is invalid—the nginx configuration format is complex and poorly specified in places.

Would you like to share your nginx configuration here?

Alternatively, your version of Certbot is somewhat out of date (although it may be the latest packaged by your operating system); would you like to try a newer version of Certbot (maybe via the snap package or certbot-auto) to see whether a later release has already fixed this issue? Newer versions of Certbot will still read and work with your existing certificates and renewal configuration file.

1 Like

Thank you, certbot-auto did the trick.

1 Like

OK, well this is odd. the certbot-auto certainly installed the certificate. But when I renew the certificate through a dry-run, it still fails with same error. Surely I can’t be the only one encountering this issue?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.