Fullchain.pem (failure)

My domain is:utcl.co.ug

I ran this command: sudo certbot renew

It produced this output:

Attempting to renew cert (mail.utcl.co.ug) from /etc/letsencrypt/renewal/mail.utcl.co.ug.conf produced an unexpected error: '<' not supported between instances of 'int' and 'NoneType'. Skipping.
All renewal attempts failed. The following certs could not be renewed:
** /etc/letsencrypt/live/mail.utcl.co.ug/fullchain.pem (failure)**

My web server is (include version): Zentyal 6.2

The operating system my web server runs on is (include version): Ubuntu 18.04.6 LTS

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0

Welcome @Ejust

That is a very unusual error. Would you show the contents of this file


Also, certbot 0.31.0 is very old. Ubuntu 18 supports a much newer snap version. See:

# renew_before_expiry = 30 days
version = 0.31.0
archive_dir = /etc/letsencrypt/archive/mail.utcl.co.ug
cert = /etc/letsencrypt/live/mail.utcl.co.ug/cert.pem
privkey = /etc/letsencrypt/live/mail.utcl.co.ug/privkey.pem
chain = /etc/letsencrypt/live/mail.utcl.co.ug/chain.pem
fullchain = /etc/letsencrypt/live/mail.utcl.co.ug/fullchain.pem

# Options used in the renewal process
account = bcedb0b640641e17c6bf8427386b5204
authenticator = apache
installer = apache
server = https://acme-v02.api.letsencrypt.org/directory

There is an unusual python error. Upgrading your certbot version might fix it. Otherwise, can you upload the /var/log/letsencrypt/letsencrypt.log file?

You will need to copy it to a .txt to upload

If you can only copy/paste it, please add 3 backticks before and after the contents (which will be very long) like this

pasted log contents


letsencrypt.txt (3.7 KB)

1 Like

Thanks. We'll need to wait for different expert like @Osiris or @_az


I suspect the corresponding /archive/ is in a non-standard configuration.

Could you please show the output of:

ls -l /etc/letsencrypt/archive/mail.utcl.co.ug

Although I fully agree upgrading to an up to date version of Certbot instead of one that was released 4 years ago is a very good idea too.


With Ubuntu 18.04 reaching the end of hardware and maintenance updates in 2 months, it might be worth upgrading the Zentyal 6.2 to Zentyal 7.0 as it is based on Ubuntu 20.04 LTS.


I think that one or more of the files out of the archive directory was deleted by hand. Answering Osiris' question should show what's going on.


Thank you for the continous support


1 Like

The cert.pem file is missing the number "1" - as seen on the remaining files.
Based on the matching timestamp, it had the "1" when created.
That means... something has altered that file name.



could it be okay if we, renamed the cert.pem file to cert1.pem an try the renewal.

I would try that.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.