Error for renew in Domain after change host point

BarbaraEster · September 24, 2018, 5:10pm

i try renew cert and not work, follow my commands, and have detail. This Domain change for other host. if is generate cert need with manualy DNS changelle. But i change after. How do the renew using manualy DNS?

My domain is: cesarpeixoto.com

I ran this command:

history of commands:

root@serverbc:/# sudo ./certbot-auto renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/cesarpeixoto.com.conf

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for cesarpeixoto.com
http-01 challenge for www.cesarpeixoto.com
Cleaning up challenges
Attempting to renew cert (cesarpeixoto.com) from /etc/letsencrypt/renewal/cesarpeixoto.com.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/cesarpeixoto.com/fullchain.pem (failure)

** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/cesarpeixoto.com/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)

1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
root@serverbc:/#

It produced this output:

Log Error

gist.github.com

https://gist.github.com/BarbaraEster/8b467c52309139314debfb094e06876b

errorlog.txt

2018-09-23 12:00:03,773:DEBUG:certbot.main:certbot version: 0.26.1
2018-09-23 12:00:03,775:DEBUG:certbot.main:Arguments: []
2018-09-23 12:00:03,776:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-09-23 12:00:03,823:DEBUG:certbot.log:Root logging level set at 20
2018-09-23 12:00:03,825:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-09-23 12:00:03,852:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f827e7eb940> and installer <certbot.cli._Default object at 0x7f827e7eb940>
2018-09-23 12:00:03,869:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-10-04 15:33:21 UTC.
2018-09-23 12:00:03,869:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2018-09-23 12:00:03,870:DEBUG:certbot.plugins.selection:Requested authenticator manual and installer None
2018-09-23 12:00:03,871:DEBUG:certbot.plugins.disco:Other error:(PluginEntryPoint#manual): An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.

This file has been truncated. show original

My web server is (include version): Ubuntu 16

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Vultr + Serverpilot

stevenzhu · September 24, 2018, 5:17pm

Hi,

It seems that you have a web server running when you run certbot as standalone mode…

The standalone mode in certbot means it will try to start a web server (that included in the certbot) and deal with authentication challenges.

If you wish to use the existing web server to deal with your renewal, please run the below command to covert the certificate to use your default webserver…

(However, you would need some minor tweaks, since you are using a CMS which intercepts the challenges automatically)

sudo ./certbot-auto -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com

Thank you

BarbaraEster · September 24, 2018, 6:00pm

Helo! i run cooomand and have this error>
root@serverbc:/# sudo ./certbot-auto -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com Saving debug log to /var/log/letsencrypt/letsencrypt.log Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot-auto certonly" to do so. You'll need to manually configure your web server to use the resulting certificate. root@serverbc:/# sudo ./certbot-auto certonly -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com Saving debug log to /var/log/letsencrypt/letsencrypt.log Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError() The nginx plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError() root@serverbc:/#

One Detail> my host of domain, i am use skymail with point Vultr.

stevenzhu · September 24, 2018, 6:05pm

Hi,

BarbaraEster:

root@serverbc:/# sudo ./certbot-auto -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com Saving debug log to /var/log/letsencrypt/letsencrypt.log Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot-auto certonly" to do so. You'll need to manually configure your web server to use the resulting certificate. root@serverbc:/# sudo ./certbot-auto certonly -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com Saving debug log to /var/log/letsencrypt/letsencrypt.log Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError() The nginx plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError() root@serverbc:/#

This error means your nginx is not in the default installation path.
Are you using nginx with server pilot?
If so, please try this command.
sudo ./certbot-auto -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com --nginx-server-root /etc/nginx-sp/

Thank you

BarbaraEster · September 24, 2018, 7:09pm

Very Thanks! Work i have output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot-auto certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.

and log i have This>

gist.github.com

https://gist.github.com/BarbaraEster/37c73c8d87a76dd450d70c6fb5807481

log-lets.txt

2018-09-24 16:05:24,795:DEBUG:certbot.main:certbot version: 0.27.1
2018-09-24 16:05:24,795:DEBUG:certbot.main:Arguments: ['-a', 'nginx', '-d', 'cesarpeixoto.com', '-d', 'www.cesarpeixoto.com', '--nginx-server-root', '/etc/nginx-sp/']
2018-09-24 16:05:24,795:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-09-24 16:05:24,816:DEBUG:certbot.log:Root logging level set at 20
2018-09-24 16:05:24,818:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-09-24 16:05:24,819:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer None
2018-09-24 16:05:24,845:DEBUG:certbot.plugins.util:Failed to find executable apache2ctl in PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
2018-09-24 16:05:24,846:DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#apache): Cannot find Apache executable apache2ctl
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/plugins/disco.py", line 132, in prepare

This file has been truncated. show original

stevenzhu · September 24, 2018, 7:35pm

Hi,

It seems that certbot still can’t find your nginx configuration.

Could you please confirm whats the path you used to start Nginx? ( nginx.conf file location?)

Thank you

BarbaraEster · September 24, 2018, 7:43pm

Hello! hmm this path is

/etc/nginx-sp/vhosts.d/APPNAME.conf
/etc/nginx-sp/vhosts.d/APPNAME.d/main.conf

for restart e etc… i am use > sudo service nginx-sp restart

BarbaraEster · September 24, 2018, 7:44pm

i am use this url >
https://serverpilot.io/docs/customize-nginx-settings

BarbaraEster · September 24, 2018, 7:47pm

i try with >
sudo ./certbot-auto certonly -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com --nginx-server-root /etc/nginx-sp/vhosts.d/00cesarpeixotocom.conf
and

sudo ./certbot-auto certonly -a nginx -d cesarpeixoto.com -d www.cesarpeixoto.com --nginx-server-root /etc/nginx-sp/vhosts.d/

and i have the same error.

stevenzhu · September 24, 2018, 7:51pm

Hi,

After searching online, I found this script that might be useful to you… please take a look: https://github.com/lesaff/serverpilot-letsencrypt

Thank you

BarbaraEster · September 24, 2018, 8:00pm

i am use! But the people talk for me, that he not work with renew, too have the question, that i am use Skymail > vultr, he renew normal?

BarbaraEster · September 24, 2018, 8:03pm

other question. for renew using dns-01 challenge i just run the code again? for a new txt update? and done?

Thanks!

i am test again with contrab command but not work right. i try and post result for you! Thanks!

stevenzhu · September 24, 2018, 8:04pm

Hi,

I'm sorry but I don't get what you are trying to say...

If you are trying to renew with dns01 (and manual), you should just run the command yhay you originally obtained the certificate... (Since manual with dns01 and no validation script will not work when renewing the certificate)

Thank you

system · October 24, 2018, 8:04pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.