Certificate renew failure with AWS route 53

I have successfully issued a wildcard certificate for my domain, using the Route 53 challenge. I have followed the instructions described in Christopher Muller's post about configuring a Let's Encrypt wildcard certificate using AWS Route 53.

The certificate was issued 85 days ago and now I am trying to renew the certificate without any success. I have tried the command below but certbot returns an error stating that it was unable to locate the credentials.

certbot renew --dns-route53 --logs-dir /home/ubuntu/letsencrypt/log/ --config-dir /home/ubuntu/letsencrypt/config/ --work-dir /home/ubuntu/letsencrypt/work/ --non-interactive --server https://acme-v02.api.letsencrypt.org/directory

My credentials are stored in a file named credentials in the folder ubuntu/.aws

What is annoying to me is that I was able to issue the wildcard certificate in the first place. Why wouldn't certbot find the credentials when trying to renew the certificate?

If you run Certbot as root, then it expects the file to be located in the /root/.aws/ directory.

Maybe the problem is that you initially ran it via sudo, but since the renewal is in the root user’s cron, there is a mismatch as to which $HOME directory is used to locate the config file?

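One way to check which credentials source a given account would end up with, as an added example that is not part of the original thread. It assumes the Route 53 plugin finds credentials through boto3's usual lookup and models only two steps of it (environment variables, then the shared credentials file under the home directory); the function names are hypothetical and the key values in any test file are constructed.

```shell
#!/bin/sh
# Added example: show where AWS credentials would be found for a home directory.
# Covers only the environment variables and the shared credentials file;
# boto3 also consults other sources (config file, instance role) not modelled here.

# cred_file_for HOME_DIR -> path of the shared credentials file for that home
cred_file_for() {
    if [ -n "${AWS_SHARED_CREDENTIALS_FILE:-}" ]; then
        printf '%s\n' "$AWS_SHARED_CREDENTIALS_FILE"
    else
        printf '%s\n' "$1/.aws/credentials"
    fi
}

# cred_source_for HOME_DIR -> prints "env", "file:<path>" or "none"
cred_source_for() {
    if [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
        echo "env"
        return 0
    fi
    f=$(cred_file_for "$1")
    if [ -r "$f" ] && grep -q '^[[:space:]]*aws_access_key_id' "$f"; then
        echo "file:$f"
    else
        echo "none"
    fi
    return 0
}

# perms_ok FILE -> succeeds only if group and others have no access at all
perms_ok() {
    case $(ls -ld "$1" | cut -c5-10) in
        ------) return 0 ;;
        *)      return 1 ;;
    esac
}

# Compare the current account with the two homes mentioned in the thread.
for h in "$HOME" /root /home/ubuntu; do
    src=$(cred_source_for "$h")
    printf '%-16s %s\n' "$h" "$src"
    case $src in
        file:*) perms_ok "${src#file:}" || echo "  warning: ${src#file:} is accessible to other users" ;;
    esac
done
```

Run it once as the normal user and once through sudo or from root's crontab environment; a different result between the two is the mismatch described in the answer above.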

Thank you very much _az. My credentials were on ubuntu home and I was logged as root. I switched back to ubuntu and it worked now.
