Certbot in container - renew -?

lejeczek · January 29, 2022, 8:41am

Hi guys,
I'm trying to renew my certs but I get nothing (as below). I have my old/current certs in '/etc/letsencrypt.podman'
If I try 'certonly' then a lot more is happening(another story), but obviously I want to renew.
My env is such that 'certbod' is container but webserver Nginx is running off the host.

Any and all advice on what is not working here and how to troubleshoot are greatly appreciated.
many thanks, L

My domain is:

I ran this command:
-> $ podman run --volume /var/log/letsencrypt:/var/log/letsencrypt:z --volume /etc/letsencrypt:/etc/letsencrypt.podman:z --rm -it --name certbot docker.io/certbot/certbot renew -v --agree-tos
Saving debug log to /var/log/letsencrypt/letsencrypt.log

No renewals were attempted.

The operating system my web server runs on is (include version):
CentOS
certbot version: 1.22.0

_az · January 29, 2022, 9:01am

Certbot thinks that there aren't any certificates.

What's the ouput of:

ls -la /etc/letsencrypt.podman/renewal

lejeczek · January 29, 2022, 9:08am

Hi.
there are configs, two of them, for my domains, but yes you might be onto something.
I've just tried to 'delete' one of the two domains - does not exist anymore - and found this in the log:
...
File "/opt/certbot/src/certbot/certbot/_internal/cert_manager.py", line 354, in get_certnames
raise errors.Error("No existing certificates found.")
certbot.errors.Error: No existing certificates found.
2022-01-29 09:04:08,788:ERROR:certbot._internal.log:No existing certificates found.

I ran:
-> $ podman run --volume /var/log/letsencrypt:/var/log/letsencrypt:z --volume /var/lib/letsencrypt:/var/lib/letsencrypt:z --volume /etc/letsencrypt:/etc/letsencrypt.podman:z --volume /var/www/certbot:/var/www/certbot:z --rm -it --name certbot docker.io/certbot/certbot delete -v --agree-tos -d my.domain

-> $ llr /etc/letsencrypt.podman/
total 32
drwxrwxrwx. 5 root root 4096 Nov 16 2020 renewal-hooks
drwx-w--w-. 4 root root 4096 Nov 16 2020 accounts
drwx-w--w-. 2 root root 4096 Nov 1 14:23 keys
drwxrwxrwx. 2 root root 4096 Nov 1 14:23 csr
drwxrwxrwx. 2 root root 4096 Nov 1 14:23 renewal
drwx-w--w-. 4 root root 4096 Nov 1 14:23 archive
drwx-w--w-. 4 root root 4096 Nov 1 14:23 live
-rw-rw-rw-. 1 root root 30 Dec 11 19:53 cli.ini

many thanks, L.

lejeczek · January 29, 2022, 9:11am

Gee.... man, rush, typos, silly mistakes.. my 'volume' mapping!
should have been:
--volume /etc/letsencrypt.podman:/etc/letsencrypt:z

system · February 28, 2022, 9:12am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.