Deploy hooks being triggered even if they don't correspond to the domain being renewed


So, I have a few shell scripts like the one I've made and pasted here: Automatically manage certificates - #10 by Exterminador with the corresponding changes for each domain/subdomain, inside /etc/letsencrypt/renewal-hooks/deploy/.

Unfortunately, every time I manually renew a certificate (for testing purposes) for a specific domain, it seems that all the scripts there are executed at the same time. I have some printf lines in each script and I see them all being outputted after a renewal.


Renewing an existing certificate for
Hook 'deploy-hook' ran with output:
 ZNC certificate and key renewed
Hook 'deploy-hook' ran with output:
 PyLink certificate and key updated
Hook 'deploy-hook' ran with output:
 SSLCertFile and SSLKeyFile updated successfully!

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/
Key is saved at:         /etc/letsencrypt/live/
This certificate expires on 2023-05-10.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for to /etc/apache2/sites-enabled/znc-le-ssl.conf
Your existing certificate has been successfully renewed, and the new certificate has been installed.

As you can see, only the lines with:

Hook 'deploy-hook' ran with output:
 ZNC certificate and key renewed

should be displayed, but I still got the printf lines from all the other scripts.

I'm probably missing something on my scripts, but I really can't figure it out.

Any help/ideas are greatly appreciated.

1 Like

Hi @Exterminador.

Some things you could add to help us help you better:

  1. What version of certbot are you using?
  2. What are the contents of the [related] renewal.conf file(s)?
  3. What are the contents of the cli.ini file?

Yes, hooks in that folder will all run. If you want to run a hook only with certain certificates you should specify the deploy hook on the command line So it is placed in the renewal config file for that domain


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.