thank you Griffin. i did try certbot remove;
and recreating one of them thinking that might fix it, but that did not solve the issue.
maybe i will set up a crontab to run it at 1AM or so & see if the results are different.
thank you Griffin. i did try certbot remove;
and recreating one of them thinking that might fix it, but that did not solve the issue.
maybe i will set up a crontab to run it at 1AM or so & see if the results are different.
I'm slightly confused as to where you might still be using the fullchain.pem
file... or are you?
[as your apache is version 2.4.6 it can't handle such a file]
If you add -vv
[or -vvv
] to the certbot renewal command line, we might see more detail and better understand the problem.
only slightly confused? wow you are doing much better than i am.
now, if you realy want confusing: when i look at the results of phpinfo(); i see:
SERVER_SOFTWARE Apache/2.4.6
but when i do httpd -v
i see:
Server version: Apache/2.4.37 (centos)
Server built: Nov 4 2020 03:20:37
assuming that the httpd -v;
test is more accurate, that may explain why there did not seem to be any difference using fullchain.pem
vs using chain.pem
, according to either SSL Checker or apachectl configtest ;
.
EXCELLECT suggestion - i am trying that now.
(still puzzled why phpinfo apache version ## differs from httpd -v;
but i save that question for another day, another forum.
UPDATE: i did the -vv
as suggested. from scanning it, i am seeing a lot of JSON looking structures and activity, but nothing specific. of course i have never examined a diagnostic log from certbot before this. trying -vvv-
now.
i am also thinking i will run this multiple times and see if there is any sort of "pattern" with which domain names are successful and which ones are not. there is one domain name i expect to fail since it it not [yet] hosted on the new server.
I've made an inquiry regarding the errors you're seeing:
I bet there may be multiple versions of Apache installed.
find / -name apache2
find / -name httpd
nothing for apache2
# find / -name httpd -type f ;
/etc/logrotate.d/httpd
/usr/sbin/httpd
/usr/share/doc/perl-Net-Server/examples/httpd
how about...
find / -name php.ini
then grep
the file found for apache
# find / -name php.ini -type f ;
/etc/php.ini
/home/MYDOMAIN.COM/etc/php7.2/php.ini
no grep results for apache, and no uncommented lines for httpd
i am asking question here since this is starting to make me wonder what is going on:
Staging server flakiness has been addressed by the Let's Encrypt staff. Please try again when you can and report back to us.
Griffin - i am very accustomed to such behavior from my female dating partners; in fact, i have come to expect it.
but regarding your latest inquiry, you are absolutely correct. 100% success this time!
You are most welcome! I'm just glad I was able to help (though of course I must give the Let's Encrypt staff the lion's share of the credit in actually solving the issue).
a few interesting replies:
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.