Certbot ignores config when renewing wildcard certificate

karaluh · April 28, 2020, 1:17pm

There exists a config file at /etc/letsencrypt/renewal/my.domain.tld.conf with the line manual_public_ip_logging_ok = True. When I try to renew a wildcard certificate for this domain (--domain *.my.domain.tld) without the --manual-public-ip-logging-ok switch I'm getting the below error:

Missing command line flag or config entry for this setting:
NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running certbot in manual mode on a machine that is not your server, please ensure you're okay with that.
Are you OK with your IP being logged?
(You can set this with the --manual-public-ip-logging-ok flag)

Why is the config file ignored?

Osiris · April 28, 2020, 5:31pm

How do you renew?

karaluh · April 29, 2020, 6:45am

The full command, executed by cron as root:

certbot certonly --quiet --manual --manual-auth-hook /opt/certbot_auth_hook.py --deploy-hook /opt/certbot_deploy_hook.sh --domain *.my.domain.tld

mnordhoff · April 29, 2020, 7:12am

To renew all of your certificates while making use of their saved renewal configuration files, you need to run “certbot renew”. (It doesn’t need any other options, except maybe “--quiet”, if all of those settings were previously saved.)

system · May 29, 2020, 7:12am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certbot renew failing due to missing --manual-public-ip-logging-ok Help	9	3547	November 28, 2021
Error trying to renew certs Server	1	2131	February 26, 2016
Problem with renew wildcard certificate Help	2	2302	June 16, 2018
Skip certs with manual plugin from certbot renew Help	31	2386	December 9, 2020
Renew wildcard certificate Help	7	10450	April 27, 2018

Certbot ignores config when renewing wildcard certificate

Related topics