Does not start certificate renewal request

My domain is: server3.sio4.org

I ran this command: certbot certificates

It produced this output:

Found the following certs:
  Certificate Name: server3.sio4.org [..]
  Expiry Date: 2021-01-04 12:31:51+00:00 (VALID: 12 days)
  [..]

My web server is (include version): Apache 2.4.38

The operating system my web server runs on is: Debian 10

I can login to a root shell on my machine: yes

The version of my client Certbot is: certbot 0.31.0

Hi Support!
I realized by pure accident that the certificates for this server of mine are about to expire.
How I could understand/debug the reasons for this anomaly?
Everything seems to me to be regular, including Cron.

Many thanks!

  1. The LE log file can provide good clues.
  2. Running a certbot test using --staging can provide good clue (try with -vv for more info).
  3. Reviewing the Apache config with: apachectl -S can be useful.
  4. Check that both IP stacks are functioning as expected:
    Name: server3.sio4.org
    Addresses: 2a02:c207:2033:6544::1
    144.91.102.142
2 Likes

Hi @danjde

where is your log output?

Your configuration is buggy, that can't work - see https://check-your-website.server-daten.de/?q=server3.sio4.org

Ipv4 works, ipv6 has a timeout.

Checking your domain Letsencrypt prefers ipv6, so that's fatal.

Fix your ipv6 or remove the AAAA record.

1 Like
WARNING:certbot.renewal:Attempting to renew cert (server3.sio4.org) from /etc/letsencrypt/renewal/server3.sio4.org.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Select the webroot for mysite.it:
Choices: ['Enter a new webroot', '/var/www/letsencrypt']

This one seems a known bug: Auto renewal started failing with error - Missing command line flag or config entry for this setting - #11 by erangalp

And updating "certbot 0.31.0-1" seems not possible, since it is already the most recent version.

Thanks again

However there is a problem for a third level domain that I added some weeks ago and which points to an "external" address.
This address is "unknown" to my domains, so I'll have to find a solution.. :thinking:

Thanks!

About this I'm investigating!

Thanks again!

Davide

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.