Error trying to renew the certificate

Hi.
When trying to update the certificate using certbot renew it gives me the following error:

What could be the problem?? I’m in a CentOs 7 on apache

Thank you.
regards

Hi @SysTmas

please answer the following questions. This is the template of #help

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

My domain is: aerolineaslasa.com

I ran this command: certbot renew

It produced this output:(´Conection aborted´), gaierror(-2, ´Name or service no Know´), Skipping

My web server is (include version): Apache/2.4.6 CentOS OpenSSL/1.0.2k-fips PHP/5.6.36

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Claro.Cloud.Com

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot --version certbot 0.27.1

Thank you for helping

Never seen such an error. Looks like your installation is corrupt. You may check

/var/log/letsencrypt/letsencrypt.log

and update your certbot.

The Log File say:

2019-02-04 14:58:50,634:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2019-02-04 14:58:50,635:ERROR:certbot.renewal: /etc/letsencrypt/live/aerolineaslasa.com/fullchain.pem (failure)
2019-02-04 14:58:50,636:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/bin/certbot”, line 9, in
load_entry_point(‘certbot==0.27.1’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1364, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1276, in renew
renewal.handle_renewal_request(config)
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 455, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)

From your server, can you:
curl acme-v02.api.letsencrypt.org

Run the command again and add

certbot renew -vvv

so much more informations are logged.

1 Like

When trying to run acme-v02.api.letsencrypt.org throws error (6) Unknown error

2019-02-04 19:55:54,095:DEBUG:certbot.main:certbot version: 0.27.1
2019-02-04 19:55:54,095:DEBUG:certbot.main:Arguments: [’-vvv’]
2019-02-04 19:55:54,095:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-02-04 19:55:54,116:DEBUG:certbot.log:Root logging level set at -10
2019-02-04 19:55:54,116:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-02-04 19:55:54,132:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7fee5a005490> and installer <certbot.cli._Default object at 0x7fee5a005490>
2019-02-04 19:55:54,146:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-02-14 00:15:44 UTC.
2019-02-04 19:55:54,146:INFO:certbot.renewal:Cert is due for renewal, auto-renewing…
2019-02-04 19:55:54,147:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache
2019-02-04 19:55:54,421:DEBUG:certbot_apache.configurator:Apache version is 2.4.6
2019-02-04 19:55:55,149:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin - Beta
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_centos.CentOSConfigurator object at 0x7fee5a04aad0>
Prep: True
2019-02-04 19:55:55,150:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin - Beta
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_centos.CentOSConfigurator object at 0x7fee5a04aad0>
Prep: True
2019-02-04 19:55:55,151:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_apache.override_centos.CentOSConfigurator object at 0x7fee5a04aad0> and installer <certbot_apache.override_centos.CentOSConfigurator object at 0x7fee5a04aad0>
2019-02-04 19:55:55,151:INFO:certbot.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2019-02-04 19:55:55,210:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None), uri=u’https://acme-v02.api.letsencrypt.org/acme/acct/45875926’, new_authzr_uri=None, terms_of_service=None), 4d99e86d4d5b5c01de1cf302a783255b, Meta(creation_host=u’localhost.localdomain’, creation_dt=datetime.datetime(2018, 11, 16, 1, 13, 35, tzinfo=)))>
2019-02-04 19:55:55,222:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2019-02-04 19:55:55,230:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2019-02-04 19:55:55,233:WARNING:certbot.renewal:Attempting to renew cert (aerolineaslasa.com) from /etc/letsencrypt/renewal/aerolineaslasa.com.conf produced an unexpected error: (‘Connection aborted.’, gaierror(-2, ‘Name or service not known’)). Skipping.
2019-02-04 19:55:55,235:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 430, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1195, in renew_cert
le_client = _init_le_client(config, auth, installer)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 648, in _init_le_client
return client.Client(config, acc, authenticator, installer, acme=acme)
File “/usr/lib/python2.7/site-packages/certbot/client.py”, line 247, in init
acme = acme_from_config_key(config, self.account.key, self.account.regr)
File “/usr/lib/python2.7/site-packages/certbot/client.py”, line 50, in acme_from_config_key
return acme_client.BackwardsCompatibleClientV2(net, key, config.server)
File “/usr/lib/python2.7/site-packages/acme/client.py”, line 761, in init
directory = messages.Directory.from_json(net.get(server).json())
File “/usr/lib/python2.7/site-packages/acme/client.py”, line 1095, in get
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/usr/lib/python2.7/site-packages/acme/client.py”, line 1044, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 464, in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 576, in send
r = adapter.send(request, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/adapters.py”, line 415, in send
raise ConnectionError(err, request=request)
ConnectionError: (‘Connection aborted.’, gaierror(-2, ‘Name or service not known’))

2019-02-04 19:55:55,297:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2019-02-04 19:55:55,299:ERROR:certbot.renewal: /etc/letsencrypt/live/aerolineaslasa.com/fullchain.pem (failure)
2019-02-04 19:55:55,311:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/bin/certbot”, line 9, in
load_entry_point(‘certbot==0.27.1’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1364, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1276, in renew
renewal.handle_renewal_request(config)
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 455, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)

Checked, that means getaddrinfo - error.

So it looks that your server can't talk with Letsencrypt.

The gaierror is apparently an abbreviation for getaddrinfoerror, referring to the attempt to do a DNS lookup, Is there some kind of firewall limiting the ability of this server to make DNS queries? What kind of DNS server is your server using?

Seeing the contents of this file may be helpful:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.