My domain is: smkfmartialarts.com

I ran this command: certbot -v

It produced this output:
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator None and installer None
Apache version is 2.4.54
Killed

My web server is (include version):
Apache version is 2.4.54

The operating system my web server runs on is (include version):
Amazon EC2 Linux
amzn2-ami-kernel-5.10-hvm-2.0.20220912.1-x86_64-gp2

My hosting provider, if applicable, is:
AWS

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.11.0

So after calling 'certbot -v', I got that output, and looking at the /var/log/letsencrypt/letsencrypt.log, it only contains:

cat /var/log/letsencrypt/letsencrypt.log

2022-10-17 16:29:47,338:DEBUG:certbot._internal.main:certbot version: 1.11.0
2022-10-17 16:29:47,338:DEBUG:certbot._internal.main:Location of certbot entry point: /bin/certbot
2022-10-17 16:29:47,338:DEBUG:certbot._internal.main:Arguments: ['-v']
2022-10-17 16:29:47,338:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-10-17 16:29:47,363:DEBUG:certbot._internal.log:Root logging level set at 10
2022-10-17 16:29:47,364:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2022-10-17 16:29:47,367:DEBUG:certbot._internal.plugins.selection:Requested authenticator None and installer None
2022-10-17 16:29:48,158:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.54

at which point certbot is killed by something.

I did a ps -ef for certbot to see if another copy is running and it is not..
I have also ran this line to remove any stale locks: find / -type f -name ".certbot.lock" -exec rm {} ;

Do you know of any reason why certbot gets killed after logging the apache version?

Thanks!

My completely wild guess is that your system is low on memory and the python that certbot is trying to run uses up so much memory that the system kills it.

I am running the free micro tier, but it has 317Mb left in memory (per top)...

Hi @gtvracer, and welcome to the LE community forum

Can you upgrade that version?

If I simply run: certbot certifcates, it does reply back with my current set of certs.

I'm trying to add a subdomain to my existing cert by:
certbot --expand -d studio.smkfmartialarts.com -d www.studio.smkfmartialarts.com

But it dies as described previously... killed after logging:
2022-10-17 17:01:19,234:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.54

and it goes no further...

That is the version yum installs...
I removed what was installed before, thinking that could've been the case, but this is the version yum installs...

If my memory serves me correctly...
Amazon Linux and certbot Apache don't play well together.

Try using certbot [without Apache] and use --webroot.

It may not, but I was able to create my original certs without any issues...

These site is served out of a Java war file, so it really doesn't have a webroot like /var/www/html...

How?
Did you use --apache ?
Did you reinstall or upgrade certbot after those certs?
[something must haver changed since then]

Is there anything listening on port 80?

As I recall, I just typed certbot, and it went through a series of questions and told it to use apache to find the domains. Then it created the pem files.

Please show the renewal config file.

Yes, apache

Then the java is unrelated.
You can use --webroot with Apache.

where do I find that?

Normally:
/etc/letsencrypt/renewal/FQDN.conf

Try:
ls -l /etc/letsencrypt/renewal/

renew_before_expiry = 30 days

version = 1.11.0
archive_dir = /etc/letsencrypt/archive/smkfmartialarts.com
cert = /etc/letsencrypt/live/smkfmartialarts.com/cert.pem
privkey = /etc/letsencrypt/live/smkfmartialarts.com/privkey.pem
chain = /etc/letsencrypt/live/smkfmartialarts.com/chain.pem
fullchain = /etc/letsencrypt/live/smkfmartialarts.com/fullchain.pem

Options used in the renewal process

[renewalparams]
authenticator = apache
installer = apache
account = 7ee924479b680********************
manual_public_ip_logging_ok = None
server = https://acme-v02.api.letsencrypt.org/directory

Have to go to a meeting for 30 mins or so, will check back then. Thank you!