Error with certbot

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
luxbul,lu www.luxbul.lu
I ran this command:
certbot certonly -d luxbul.lu -d www.luxbul.lu --server https://acme-v02.api.letsencrypt.org/directory --email admin@linc.lu --agree-tos -w /var/www/_letsencrypt --force-renewal
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?

1: Place files in webroot directory (webroot)
2: Spin up a temporary webserver (standalone)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 1
An unexpected error occurred:
KeyError: ‘Directory field not found’
Please see the logfiles in /var/log/letsencrypt for more details.
cat /var/log/letsencrypt/letsencrypt.log
2020-06-25 14:02:00,907:DEBUG:certbot.main:Root logging level set at 20
2020-06-25 14:02:00,908:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-06-25 14:02:00,909:DEBUG:certbot.main:certbot version: 0.10.2
2020-06-25 14:02:00,909:DEBUG:certbot.main:Arguments: [’-d’, ‘luxbul.lu’, ‘-d’, ‘www.luxbul.lu’, ‘–server’, ‘https://acme-v02.api.letsencrypt.org/directory’, ‘–email’, ‘admin@linc.lu’, ‘–agree-tos’, ‘–force-renewal’]
2020-06-25 14:02:00,909:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2020-06-25 14:02:00,909:DEBUG:certbot.plugins.selection:Requested authenticator None and installer None
2020-06-25 14:02:01,017:DEBUG:certbot.plugins.selection:Multiple candidate plugins: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7fd07123db90>
Prep: True

  • standalone
    Description: Spin up a temporary webserver
    Interfaces: IAuthenticator, IPlugin
    Entry point: standalone = certbot.plugins.standalone:Authenticator
    Initialized: <certbot.plugins.standalone.Authenticator object at 0x7fd07123d090>
    Prep: True
    2020-06-25 14:02:02,703:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7fd07123db90> and installer None
    2020-06-25 14:02:02,751:DEBUG:root:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
    2020-06-25 14:02:02,756:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
    2020-06-25 14:02:03,282:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “GET /directory HTTP/1.1” 200 658
    2020-06-25 14:02:03,283:DEBUG:acme.client:Received response:
    HTTP 200
    Server: nginx
    Date: Thu, 25 Jun 2020 14:02:03 GMT
    Content-Type: application/json
    Content-Length: 658
    Connection: keep-alive
    Cache-Control: public, max-age=0, no-cache
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800

{
“f16XBCLLrU0”: “Adding random entries to the directory”,
“keyChange”: “https://acme-v02.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
letsencrypt.org
],
“termsOfService”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org
},
“newAccount”: “https://acme-v02.api.letsencrypt.org/acme/new-acct”,
“newNonce”: “https://acme-v02.api.letsencrypt.org/acme/new-nonce”,
“newOrder”: “https://acme-v02.api.letsencrypt.org/acme/new-order”,
“revokeCert”: “https://acme-v02.api.letsencrypt.org/acme/revoke-cert
}
2020-06-25 14:02:03,284:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.10.2’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 849, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 621, in obtain_cert
le_client = _init_le_client(config, auth, installer)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 399, in _init_le_client
acc, acme = _determine_account(config)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 384, in _determine_account
config, account_storage, tos_cb=_tos_cb)
File “/usr/lib/python2.7/dist-packages/certbot/client.py”, line 129, in register
regr = perform_registration(acme, config)
File “/usr/lib/python2.7/dist-packages/certbot/client.py”, line 159, in perform_registration
return acme.register(messages.NewRegistration.from_data(email=config.email))
File “/usr/lib/python2.7/dist-packages/acme/client.py”, line 102, in register
response = self.net.post(self.directory[new_reg], new_reg)
File “/usr/lib/python2.7/dist-packages/acme/messages.py”, line 200, in getitem
raise KeyError(‘Directory field not found’)
KeyError: ‘Directory field not found’

The directory does exists!!
My web server is (include version):
nginx 1.6.2
The operating system my web server runs on is (include version):
debian jessie
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
0.10.2

1 Like

Hi @ChristopheH-Ekonoo

please update. Minimal 0.31 may work (if I know it correct).

PS: That’s too.

Jessie receives Long-Term-Support since 2018-06-17

2 Likes

I am not authorized to update the OS on the machines…I have telling my customer that they should for the past 2.5 year

How do I update certbot…I try to replace by certbot-auto but can’t install it seems

1 Like

May be impossible because of the too old OS.

Try other clients (acme.sh).

Then they should buy a certificate with a manual validation one time per year / 2 years.

2 Likes

Hello Juergen
Sorry for the late answer
I was able to get my certificate with acme.sh and by installing also socat 1.7.2.4 (upper version were not working)

Thanks for the help

Best regards

2 Likes