Certbot ignores config when renewing wildcard certificate

There exists a config file at /etc/letsencrypt/renewal/my.domain.tld.conf with the line manual_public_ip_logging_ok = True. When I try to renew a wildcard certificate for this domain (–domain *.my.domain.tld) without the –manual-public-ip-logging-ok switch I’m getting the below error:

Missing command line flag or config entry for this setting:
NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you’re running certbot in manual mode on a machine that is not your server, please ensure you’re okay with that.
Are you OK with your IP being logged?
(You can set this with the --manual-public-ip-logging-ok flag)

Why is the config file ignored?

How do you renew? 

The full command, executed by cron as root:

certbot certonly --quiet --manual --manual-auth-hook /opt/certbot_auth_hook.py --deploy-hook /opt/certbot_deploy_hook.sh --domain *.my.domain.tld

To renew all of your certificates while making use of their saved renewal configuration files, you need to run “certbot renew”. (It doesn’t need any other options, except maybe “--quiet”, if all of those settings were previously saved.)

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.