Certbot renew failure

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: srv1.easyhost365.com

I ran this command: certbot renew

It produced this output: `Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/srv1.easyhost365.com.conf


Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for srv1.easyhost365.com
Waiting for verification…
Challenge failed for domain srv1.easyhost365.com
http-01 challenge for srv1.easyhost365.com
Cleaning up challenges
Attempting to renew cert (srv1.easyhost365.com) from /etc/letsencrypt/renewal/srv1.easyhost365.com.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/srv1.easyhost365.com/fullchain.pem (failure)


All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/srv1.easyhost365.com/fullchain.pem (failure)


1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

My web server is (include version): Apache/2.4.6

The operating system my web server runs on is (include version): CentOS Linux release 7.8.2003

My hosting provider, if applicable, is: Contabo VPS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 1.5.0

Read many topics and google, but can’t renew ssl certificates for this main server domain who serves control panel etc. From Centos Web panel i can generate certificates for others domains (hosting type server). I think i’am stuck with vhosts or directory.

1 Like

Hi @grudlaps

there is a check of your domain, ~~2,5 hours old - https://check-your-website.server-daten.de/?q=srv1.easyhost365.com#certificates

And a valid certificate:

CN=srv1.easyhost365.com
	30.06.2020
	28.09.2020
expires in 82 days	srv1.easyhost365.com - 1 entry

Please use that certificate.

And if you use a control panel that manages your vHosts and certificates, you should never use raw clients.

Looks like you have a working configuration that blocks raw Certbot-usage.

2 Likes

Ye, i checked my site. Yes, i made certificate for that domain from my control panel, BUT it’s not working on control panel ports.

Example: https://srv1.easyhost365.com:2031/
https://srv1.easyhost365.com:2083/

Expired on 14 june. NET::ERR_CERT_DATE_INVALID.

How can i make work this certificate on these ports?

You have to install the existing certificate, so these ports are able to use it.

That’s a problem of your control panel.

Don’t create new certificates, there is a rate limit. You have one.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.