Hi Let's Encrypt community,
I have a problem renewing my SSL certificate. I've searched for the same problem on this site, but I couldn't find a solution that would work for my server, so I decided to create a new topic.
I've noticed that a redirection rule was set up incorrectly to:
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
And I guess that's the problem why it couldn't renew automatically. So I've just changed it to:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
However, I still can't renew the certificate using the command below.
certbot renew
or certbot renew --cert-name henrykondracki.com
Because it produces this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/henrykondracki.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for henrykondracki.com
http-01 challenge for www.henrykondracki.com
Cleaning up challenges
Attempting to renew cert (henrykondracki.com) from /etc/letsencrypt/renewal/henrykondracki.com.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Input the webroot for henrykondracki.com:. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/henrykondracki.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/henrykondracki.com/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
My domain is: henrykondracki.com
My web server is (include version):
OpenLiteSpeed 1.7.14
The operating system my web server runs on is (include version):
Ubuntu 20.04.3 LTS
My hosting provider, if applicable, is:
DigitalOcean
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is:
certbot 0.40.0