Failed to renew сertificates

bigkrp · July 13, 2020, 10:30am

My domain is: politkrytyka.org

I ran this command: sudo certbot renew --dry-run

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/politkrytyka.org.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Attempting to renew cert (politkrytyka.org) from /etc/letsencrypt/renewal/politkrytyka.org.conf produced an unexpected error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed. Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/politkrytyka.org/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/politkrytyka.org/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

My web server is (include version): nginx/1.12.1

The operating system my web server runs on is (include version):

NAME=Fedora
VERSION="27 (Cloud Edition)"
ID=fedora
VERSION_ID=27
PRETTY_NAME="Fedora 27 (Cloud Edition)"
ANSI_COLOR="0;34"
CPE_NAME="cpe:/o:fedoraproject:fedora:27"
HOME_URL="https://fedoraproject.org/"
SUPPORT_URL="https://fedoraproject.org/wiki/Communicating_and_getting_help"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=27
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=27
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
VARIANT="Cloud Edition"
VARIANT_ID=cloud

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.27.1

_az · July 13, 2020, 10:44am

It looks like Fedora 27 is EOL. It’s missing required updates to the python3-acme package to be compatible with the Let’s Encrypt’s ACME/RFC8555 implementation.

I think unless you get Certbot from snaps or from certbot-auto, you won’t be able to use it any longer.

I’ve filed https://github.com/certbot/website/pull/607 to update the minimum version on the Certbot website to Fedora 31.

system · August 12, 2020, 10:44am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Attempting to renew cert from /etc/letsencrypt/renewal/domain.conf produced an unexpected error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed. Skipping Help	10	15060	February 19, 2020
Attempting to renew cert failing Help	3	2343	July 24, 2020
All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/fullchain.pem (failure) Help	7	23678	March 3, 2019
Unable to renew SSL certificate using certbot Help	19	3999	August 4, 2022
Certbot renew failed most of the time Help	15	560	November 23, 2023

Failed to renew сertificates

Related topics