Certbot is not renewing

Help
1

Hello my certificates expired and when I tried to renew them I get the following message:

./certbot-auto renew
Requesting to rerun ./certbot-auto with root privileges…
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/cdljobshoustontx.com.conf

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for cdljobshoustontx.com
http-01 challenge for www.cdljobshoustontx.com
Waiting for verification…
Challenge failed for domain cdljobshoustontx.com
Challenge failed for domain www.cdljobshoustontx.com
http-01 challenge for cdljobshoustontx.com
http-01 challenge for www.cdljobshoustontx.com
Cleaning up challenges
Attempting to renew cert (cdljobshoustontx.com) from /etc/letsencrypt/renewal/cdljobshoustontx.com.conf produced an unexpect
ed error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/cdljobshoustontx.com/fullchain.pem (failure)

Please help Need help I dont know what to do?

2

Hi @driveformvt

there is a wrong redirect ( https://check-your-website.server-daten.de/?q=cdljobshoustontx.com ):

Domainname Http-Status redirect Sec. G
http://cdljobshoustontx.com/
35.226.117.55 301 https://www.cdljobshoustontx.com 0.237 E
http://www.cdljobshoustontx.com/
35.226.117.55 301 https://www.cdljobshoustontx.com 0.236 A
https://www.cdljobshoustontx.com 301 https://cdljobshoustontx.com/ 1.120 N
Certificate error: RemoteCertificateChainErrors
https://www.cdljobshoustontx.com/
35.226.117.55 301 https://cdljobshoustontx.com/ 1.266 N
Certificate error: RemoteCertificateChainErrors
https://cdljobshoustontx.com/
35.226.117.55 200 1.630 N
Certificate error: RemoteCertificateChainErrors
http://cdljobshoustontx.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
35.226.117.55 301 https://www.cdljobshoustontx.com.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.236 E
Visible Content: Moved Permanently The document has moved here .
http://www.cdljobshoustontx.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
35.226.117.55 301 https://www.cdljobshoustontx.com.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.233 A
Visible Content: Moved Permanently The document has moved here .
https://www.cdljobshoustontx.com.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de -1 0.030 R
NameResolutionFailure - The remote name could not be resolved: 'www.cdljobshoustontx.com.well-known'
Visible Content:

You have redirects http -> https, that's ok, Letsencrypt follows these redirects.

But you see (first line):

http://cdljobshoustontx.com/ -> https://www.cdljobshoustontx.com

So your redirect code doesn't add a slash add the end.

That works with /.

But redirecting a subdirectory (last lines) produces an error:

http://www.cdljobshoustontx.com/.well-known/acme-challenge/random-filename

--> 

https://www.cdljobshoustontx.com.well-known/acme-challenge/random-filename

because it's a redirect to www.cdljobshoustontx.com.well-known.

So check your redirect rules and add a "/" after your {%SERVER_NAME} - variable. Then recheck your domain.

1 Like
3

Thanks, Let me check!

4

@JuergenAuer Thank You for your Help; I was able to fix the redirect and update the certificates!

1 Like
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.