Certbot error An unexpected error occurred: AttributeError: can't set attribute

My goal is to get a wildcard ssl cert for my domain, I added the txt record after the dns challange but got the error below:

My domain is:gibgeeks.com

I ran this command: sudo certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges -d *.gibgeeks.com

It produced this output: An unexpected error occurred: AttributeError: can't set attribute

My web server is (include version):

The operating system my web server runs on is (include version): ubuntu 23.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.1.0

I'd update to the latest version [first].

That has no LTS.
[Long Term Support]

I realy need to just get the wildcard issued because whatever version of ubuntu i have used I have issues. Are you able to help me diagnose? Certbot was working fine I just kept putting the wrong challenge text in then the error came up

You could "turn off the automation" and get a wildcard cert manually.
[if you need one immediately]

I'd update to the latest certbot version and show the full log file.
And consider using another ACME client [to save time] - like: acme.sh


I used this command:
sudo certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges -d *.gibgeeks.com

I thought was the manual method?

That seems to deviate the process some from the basic manual authentication.
And there is no telling [for me - I don't use it] if that is compatible with version 2.1.0


thats the instruction command in the webpage. But are you able to help me resolve the issue?

I've tried to point you in the direction I would go in [more than once now].


What web page?

Is the issue that you need a cert immediately?
You need to correct that problem?

And you haven't mentioned anything about using another ACME client [to save us both time].


The webpage is:

And I would prefer to fix the problem so i learn something

I dont understand what an ACME client is?

I would prefer to save time.

The web page you are following is 3.5 years old and seems very outdated.
If you are going to insist on following those instructions... I'm out.


certbot is an ACME client.
A very popular one; But only one of many.


Glad you have been so helpfull. And apologies for not knowing what you know

You might try updating to Certbot 2.3. There was a bug fix in 2.3 for this error but I can't know for sure if this fixes your situation. See the link below for details

Or, as rg305 suggested, just do a manual request if this is just a one-time cert. The manual-auth-hook with acme-dns is for automating cert renewals when your domain name service does not provide an API to do so (or, you just prefer to do it this way).


Thanks I will try the update and see if that helps


The fully manual method that people allude to would be to remove --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py (but this is not a great long-term solution).

Hopefully upgrading Certbot will help with your situation!

(Maybe we should not have called it --manual-auth-hook but rather had an --external-auth-script method that was inherently separate from --manual, to make it clearer to users whether they could expect for human interaction to be required during the certificate issuance process...?)


I've thought for a long time now that "custom script" and "manual" should never have been both named the same thing. Not sure if how feasible it'd be to change it at this point, though.


Probably only with e.g. Certbot 3.0.0 if the team would be inclined to do so.

Some interesting choices were made in the past indeed.

@gibgeeks If updating Certbot to the latest version (which is 2.7.01 currently) doesn't help, please provide the entire letsencrypt.log file.

1 Like

Well actually :wink:, 2.7.1 came out a couple days ago, but I tend to doubt that it has a fix for this problem that isn't in 2.7.0.