My domain is:ncssm.edu
I ran this command:
certbot # interactively, to remove the FQDN my.ncssm.edu, which worked, followed by
certbot --renew # which still attempts to renew my.ncssm.edu
It produced this output: [see below]
My web server is (include version): apache 2.6.4
The operating system my web server runs on is (include version): RHEL 7.9
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 1.10.1
I have a number of vhosts on a particular machine, all protected with Let's Encrypt certs. I recently moved one vhost (my.ncssm.edu) to another machine, so ran certbot interactively to remove the vhost from the certificates on this machine. I verified that it did not show up in the output, was not challenged, and the new certificates for the remaining vhosts wiere properly deployed.
However, any time certbot renew is run, it continues to try to renew the cert for my.ncssm.edu. The challenge fails. The output from the certbot renew command is:
certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/ai.ncssm.edu.conf
Cert not yet due for renewal
Processing /etc/letsencrypt/renewal/broadstreetscientific.ncssm.edu.conf
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate for ai.ncssm.edu and 12 more domains
Performing the following challenges:
http-01 challenge for my.ncssm.edu
Waiting for verification...
Challenge failed for domain my.ncssm.edu
http-01 challenge for my.ncssm.edu
Cleaning up challenges
Attempting to renew cert (broadstreetscientific.ncssm.edu) from /etc/letsencrypt/renewal/broadstreetscientific.ncssm.edu.conf produced an unexpected error: Some challenges have failed.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/broadstreetscientific.ncssm.edu/fullchain.pem (failure)
The following certs are not due for renewal yet:
/etc/letsencrypt/live/ai.ncssm.edu/fullchain.pem expires on 2021-04-13 (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/broadstreetscientific.ncssm.edu/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: my.ncssm.edu
Type: unauthorized
Detail: Invalid response from
https://my.ncssm.edu/.well-known/acme-challenge/72FCQe8zm87ELzm6k05qaf7n5ngcmoLhQpyPHuyEwPg
[192.154.43.232]: "\n\n404 Not
Found\n\nNot Found
\n<p"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.