Dry-run error messages

thank you Griffin. i did try certbot remove; and recreating one of them thinking that might fix it, but that did not solve the issue.

maybe i will set up a crontab to run it at 1AM or so & see if the results are different.


I'm slightly confused as to where you might still be using the fullchain.pem file... or are you?
[as your apache is version 2.4.6 it can't handle such a file]

If you add -vv [or -vvv] to the certbot renewal command line, we might see more detail and better understand the problem.


only slightly confused? wow you are doing much better than i am.

now, if you realy want confusing: when i look at the results of phpinfo(); i see:


but when i do httpd -v i see:

Server version: Apache/2.4.37 (centos)
Server built: Nov 4 2020 03:20:37

assuming that the httpd -v; test is more accurate, that may explain why there did not seem to be any difference using fullchain.pem vs using chain.pem, according to either SSL Checker or apachectl configtest ;.

EXCELLECT suggestion - i am trying that now.

(still puzzled why phpinfo apache version ## differs from httpd -v; but i save that question for another day, another forum.

UPDATE: i did the -vv as suggested. from scanning it, i am seeing a lot of JSON looking structures and activity, but nothing specific. of course i have never examined a diagnostic log from certbot before this. trying -vvv- now.

i am also thinking i will run this multiple times and see if there is any sort of "pattern" with which domain names are successful and which ones are not. there is one domain name i expect to fail since it it not [yet] hosted on the new server.


I've made an inquiry regarding the errors you're seeing:


I bet there may be multiple versions of Apache installed.
find / -name apache2
find / -name httpd

1 Like

nothing for apache2

# find / -name httpd -type f ;

1 Like

how about...
find / -name php.ini
then grep the file found for apache


# find / -name php.ini -type f ;

no grep results for apache, and no uncommented lines for httpd

i am asking question here since this is starting to make me wonder what is going on:

1 Like

Staging server flakiness has been addressed by the Let's Encrypt staff. Please try again when you can and report back to us.


Griffin - i am very accustomed to such behavior from my female dating partners; in fact, i have come to expect it.

but regarding your latest inquiry, you are absolutely correct. 100% success this time!


You are most welcome! I'm just glad I was able to help (though of course I must give the Let's Encrypt staff the lion's share of the credit in actually solving the issue). :smiley:

1 Like

a few interesting replies: