Failed to autorenew from cron - Could not find a usable 'nginx' binary

alex-fomin · September 24, 2019, 11:36am

Hi,

I’m using certbot on Centos 7. It is configured via cron as:

0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew

But in my /var/logs/letsencrypt I got:

2019-09-23 01:21:56,888:DEBUG:certbot.main:certbot version: 0.31.0
2019-09-23 01:21:56,888:DEBUG:certbot.main:Arguments: []
2019-09-23 01:21:56,888:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-09-23 01:21:56,908:DEBUG:certbot.log:Root logging level set at 20
2019-09-23 01:21:56,908:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-09-23 01:21:56,921:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7ff685d37290> and installer <certbot.cli._Default object at 0x7ff685d37290>
2019-09-23 01:21:56,935:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-09-24 10:58:59 UTC.
2019-09-23 01:21:56,935:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2019-09-23 01:21:56,935:INFO:certbot.renewal:Non-interactive renewal: random delay of 261 seconds
2019-09-23 01:26:17,946:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2019-09-23 01:26:17,951:DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#nginx): Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
Traceback (most recent call last):
    File "/usr/lib/python2.7/site-packages/certbot/plugins/disco.py", line 132, in prepare
        self._initialized.prepare()
    File "/usr/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 145, in prepare
    "Could not find a usable 'nginx' binary. Ensure nginx exists, "
NoInstallationError: Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
2019-09-23 01:26:17,954:DEBUG:certbot.plugins.selection:No candidate plugin
2019-09-23 01:26:17,955:DEBUG:certbot.plugins.selection:No candidate plugin
2019-09-23 01:26:17,955:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
2019-09-23 01:26:17,955:INFO:certbot.main:Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.",)
2019-09-23 01:26:17,956:WARNING:certbot.renewal:Attempting to renew cert (reporting.track-pod.com) from /etc/letsencrypt/renewal/reporting.track-pod.com.conf produced an unexpected error: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.",). Skipping.
2019-09-23 01:26:17,958:DEBUG:certbot.renewal:Traceback was:Traceback (most recent call last):
    File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 452, in handle_renewal_request
        main.renew_cert(lineage_config, plugins, renewal_candidate)
    File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1187, in renew_cert
        installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
    File "/usr/lib/python2.7/site-packages/certbot/plugins/selection.py", line 237, in choose_configurator_plugins
        diagnose_configurator_problem("authenticator", req_auth, plugins)
    File "/usr/lib/python2.7/site-packages/certbot/plugins/selection.py", line 341, in diagnose_configurator_problem
        raise errors.PluginSelectionError(msg)
PluginSelectionError: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.",)
2019-09-23 01:26:17,958:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2019-09-23 01:26:17,959:ERROR:certbot.renewal:/etc/letsencrypt/live/reporting.track-pod.com/fullchain.pem (failure)
2019-09-23 01:26:17,959:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
    File "/usr/bin/certbot", line 9, in <module>
        load_entry_point('certbot==0.31.0', 'console_scripts', 'certbot')()
    File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1365, in main
        return config.func(config, plugins)
    File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1272, in renew
        renewal.handle_renewal_request(config)
    File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 477, in handle_renewal_request
        len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)

But when I run certbot by hand using sudo certbot renew all works fine.

nginx is available in path:

  [root@prod-centos letsencrypt]# nginx -v                                                                                                                                                                                                                                                                                                                                  
  nginx version: nginx/1.12.2                                                                                                                                                                                                                                                                                                                                               
  [root@prod-centos letsencrypt]# which nginx                                                                                                                                                                                                                                                                                                                               
  /sbin/nginx                                                                                                                                                                                                                                                                                                                                                               
  [root@prod-centos letsencrypt]# echo $PATH                                                                                                                                                                                                                                                                                                                                
  /sbin:/bin:/usr/sbin:/usr/bin

mnordhoff · September 24, 2019, 12:17pm

Is /sbin included in $PATH in the cron environment?

alex-fomin · September 24, 2019, 12:30pm

You are right, /sbin was not included into cron $path environment.Will try to add it.
Thank you!

system · October 24, 2019, 12:40pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cronjob to renew cert via certbot-auto is failing Server	3	1798	April 2, 2017
Certbot auto renewal Help	15	2564	March 1, 2019
Auto-renewal debugging, any official guide? Help	3	1459	January 13, 2017
Unable auto renew by crontab under centos / nginx Help	12	3637	November 5, 2016
No renewals were attempted. no renewal failures Help	7	3738	February 2, 2018

Failed to autorenew from cron - Could not find a usable 'nginx' binary

Related topics