Certificate renewal failed

My domain is: viciremote.telsurcallcenter.com

I ran this command: certbot renew

It produced this output:

/usr/lib/python2.7/site-packages/OpenSSL/crypto.py:12: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
from cryptography import x509
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/viciremote.telsurcallcenter.com.conf

Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for viciremote.telsurcallcenter.com
Using the webroot path /srv/www/htdocs for all unmatched domains.
Waiting for verification...
Challenge failed for domain viciremote.telsurcallcenter.com
http-01 challenge for viciremote.telsurcallcenter.com
Cleaning up challenges
Attempting to renew cert (viciremote.telsurcallcenter.com) from /etc/letsencrypt/renewal/viciremote.telsurcallcenter.com.conf produced an unexpected error: Some challenges have failed.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/viciremote.telsurcallcenter.com/fullchain.pem (failure)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/viciremote.telsurcallcenter.com/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)


My web server is (include version): nginx version: nginx/1.14.0

The operating system my web server runs on is (include version): Kernel - Linux version 4.12.14-lp151.28.87-default (geeko@buildhost) (gcc version 7.5.0 (SUSE Linux) )
NAME="openSUSE Leap"

My hosting provider, if applicable, is: godaddy

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.0.0

Hi @Karely90 and welcome to the LE community forum :slight_smile:

I'd start by updating certbot.
[not sure how that's done on "openSUSE Leap"]

1 Like

Thank you very much for the welcome, I am new to this but I am already looking for how to update certbot, I have a question, the email that is registered is from another person (the one who made the certificate) when I do the vicibox-certbot renew command it asks me again an email, can I put mine or does it have to be the one in the cli.ini file?

Additional I see that in the cli.ini file this line is commented
# server = https://acme-v01.api.letsencrypt.org/directory
I read somewhere that it should be uncommented and that it was acme-v02 instead of 01. Is that correct?

Not sure about that particular entry - it probably doesn't even need to be used at all (the default should be fine).
But certbot (and every other ACME client) should definitely be using v02.