So, I’ve been running LetsEncrypt for quite some time now, on several servers. Also the one in question …
Renewal is pending, but I couldn’t get it to work … it kept complaining the challenge couldn’t be completed, logs showed 404’s.
After some debugging I noticed that on my conf files, which contain separate VirtualHost sections for v4 and v6 as combined files, only the first VirtualHost section gets the Include for the two additional config options that LE needs for the Rewrite, the second (v6) does not. So, with v6 preferred by the challenge servers, the query fails.
I then split up my config file between v4 and v6 blocks, and could see that during the dry-run, while the v6 file had a new timestamp, again the include statements required for the rewrite were missing …
I know that the files had NOT been altered since March 10th, which was the last time the renewal ran (successfully).
Any idea what might be causing Certbot/Letsencrypt renewal to not update the config file???