Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.myndintranquility.com
I ran this command:
sudo certbot renew -v --renew-hook 'service nginx reload'
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/mail.kumars.io.conf
Certificate not yet due for renewal
Processing /etc/letsencrypt/renewal/www.myndintranquility.com.conf
Certificate is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate for www.myndintranquility.com
Performing the following challenges:
http-01 challenge for www.myndintranquility.com
Cleaning up challenges
Failed to renew certificate www.myndintranquility.com with error: nginx restart failed:
nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf-enabled/server_names_hash_bucket.conf:1
The following certificates are not due for renewal yet:
/etc/letsencrypt/live/mail.kumars.io/fullchain.pem expires on 2023-07-30 (skipped)
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/www.myndintranquility.com/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
My web server is (include version):
nginx/1.18.0 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 22.04.2
My hosting provider, if applicable, is:
Hetzner
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
certbot 1.21.0
Further steps, I have run $ grep -lir "server_names_hash" *
in my /etc/nginx directory and only found one instance of it that hasn't been commented out which is in the file conf-available/server_names_hash_bucket_size.conf. There were a couple of other instances of it but they were commented out, but i went ahead and removed them anyway.
I have also run $ sudo nginx -t
and got:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Running 'service nginx reload' works without any issues. So I am not sure why its failing only when its run via the certbot renew command.
Any help or pointers would be much appreciated.
Thanks,
arun