Certbot refuses to use acme-v2 despite conf files

My domain is: sscsu.org.uk

I ran this command: sudo certbot renew --dry-run

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/chat.sscsu.org.uk.conf

Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator standalone, Installer apache
Attempting to renew cert (chat.sscsu.org.uk) from /etc/letsencrypt/renewal/chat.sscsu.org.uk.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: ACMEv1 Brownout in Progress. ACMEv1 will fully turn off on June 1, 2021. Check https://letsencrypt.status.io/ for more details.. Skipping.


Processing /etc/letsencrypt/renewal/mail.sscsu.org.uk.conf

Attempting to parse the version 1.8.0 renewal configuration file found at /etc/letsencrypt/renewal/mail.sscsu.org.uk.conf with version 0.21.1 of Certbot. This might not work.
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer None
Attempting to renew cert (mail.sscsu.org.uk) from /etc/letsencrypt/renewal/mail.sscsu.org.uk.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: ACMEv1 Brownout in Progress. ACMEv1 will fully turn off on June 1, 2021. Check https://letsencrypt.status.io/ for more details.. Skipping.
..... Similar output for next two domains, then:

** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/chat.sscsu.org.uk/fullchain.pem (failure)
/etc/letsencrypt/live/mail.sscsu.org.uk/fullchain.pem (failure)
/etc/letsencrypt/live/test.sscsu.org.uk/fullchain.pem (failure)
/etc/letsencrypt/live/www.sscsu.org.uk/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)

4 renew failure(s), 0 parse failure(s)

My web server is (include version): Apache 2.4.27

The operating system my web server runs on is (include version): Ubuntu 17.10

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.21.1

Got the deprecation email on Friday detailing I need to update the certbot software to work with ACMEv2. Tried to look around the files a bit and I don't understand why it's still trying to hit the v1 server. Here's mail.sscsu.org.uk.conf for reference:

renew_before_expiry = 30 days

version = 1.8.0
archive_dir = /etc/letsencrypt/archive/mail.sscsu.org.uk
cert = /etc/letsencrypt/live/mail.sscsu.org.uk/cert.pem
privkey = /etc/letsencrypt/live/mail.sscsu.org.uk/privkey.pem
chain = /etc/letsencrypt/live/mail.sscsu.org.uk/chain.pem
fullchain = /etc/letsencrypt/live/mail.sscsu.org.uk/fullchain.pem

# Options used in the renewal process

[renewalparams]
authenticator = apache
account = 6e714817f7077e946e0bc73f6fac32f4
server = https://acme-v02.api.letsencrypt.org/directory#

Your certbot is outdated.

Ubuntu 17.10 has been EOL for almost three years.

2 Likes

Certbot's ACMEv2 support was not yet present in that release.

Please take a look at this advice from the Certbot team which will advise you on what version you need to be using to get onto ACMEv2.

Unfortunately for you, Ubuntu 17.10 is a non-LTS release and has been EOL for a very long time. You need to get onto one of the releases of Ubuntu which is still supported by Canonical; that will be the most straightforward path to getting up-to-date Certbot software.

2 Likes
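The mismatch discussed in this thread (a renewal file written by Certbot 1.8.0 and pointing at the ACMEv2 directory, read by an installed 0.21.1 client) can be checked per renewal file. The following is an added example, not code from the thread or from the Certbot project; the `audit` helper and the sample text are constructed, and the 0.22.0 threshold for ACMEv2 support is an assumption not stated on the page.

```python
import re

# Assumption (not stated on the page): ACMEv2 support first shipped in Certbot 0.22.0.
ACME_V2_MIN = (0, 22, 0)

# Constructed sample modelled on the renewal file quoted in the question.
SAMPLE_CONF = """\
version = 1.8.0
archive_dir = /etc/letsencrypt/archive/mail.sscsu.org.uk
[renewalparams]
authenticator = apache
server = https://acme-v02.api.letsencrypt.org/directory
"""

def parse_version(text):
    """Turn '0.21.1' into (0, 21, 1), padding short versions with zeros."""
    parts = [int(p) for p in re.findall(r"\d+", text)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))

def read_conf(conf_text):
    """Collect key = value pairs, skipping comments and section headers."""
    values = {}
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "[")) or "=" not in line:
            continue
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip()
    return values

def audit(conf_text, installed):
    """Return findings for one renewal file against the installed client version."""
    conf = read_conf(conf_text)
    have = parse_version(installed)
    findings = []
    written_by = conf.get("version")
    if written_by and parse_version(written_by) > have:
        findings.append("conf written by Certbot %s, newer than installed %s"
                        % (written_by, installed))
    server = conf.get("server", "")
    if "acme-v01" in server:
        findings.append("server is an ACMEv1 endpoint: %s" % server)
    if have < ACME_V2_MIN:
        findings.append("installed Certbot %s predates ACMEv2 support" % installed)
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, "0.21.1"):
        print(finding)
```

On a real host, pass the contents of each file under /etc/letsencrypt/renewal/ and the version reported by `certbot --version`.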
