I am unable to automatically renew the certificate on my web server.
I have been using something like this:
certbot certonly \ --agree-tos \ --renew-by-default \ --dns-cloudflare \ --dns-cloudflare-credentials /.cloudflare \ --cert-name example.com \ -d foo.example.com \ -d bar.example.com
This creates a random sequentially numbered directory with a new certificate inside, like
example.com-004. My web server doesn’t know where to find this, so I’ve built a symlink hack on top of it. It’s not ideal.
It looks like
certbot renew might be the answer here, but I can’t get it to work. I have tried these:
certbot renew certbot renew \ --cert-name example.com certbot renew \ --agree-tos \ --cert-name example.com cerrbot renew \ --agree-tos \ --renew-by-default \ --dns-cloudflare \ --dns-cloudflare-credentials /.cloudflare \ --cert-name example.com \ -d foo.example.com \ -d bar.example.com
All of the above will fail with the error:
Currently, the renew verb is capable of either renewing all installed certificates that are due to be renewed or renewing a single certificate specified by its name. If you would like to renew specific certificates by their domains, use the certonly command instead. The renew verb may provide other options for selecting certificates to renew in the future.
…or maybe it is succeeding?