Hanging on 'Cleaning up challenges'


#1

My domain is:
flexployment.co . <- Will not really help you tho, since I don’t have a website running on this domain yet.

I ran this command: sudo -E certbot certonly --non-interactive --agree-tos --manual-public-ip-logging-ok --manual-auth-hook ${script_location}'/auth_hook.sh' --manual-cleanup-hook ${script_location}'/cleanup_hook.sh' --server https://acme-v02.api.letsencrypt.org/directory --preferred-challenges dns-01 --manual -d ${domain} -d '*.'${domain} --cert-name ${cert_directory_name}

Note that this error also occurs when I run certbot certonly --force-renewal …

It produced this output:
It doesn’t produce much of an output, problem is that it keeps hanging on this:
Waiting for verification…
Cleaning up challenges
I am (not kidding) already waiting for 1.5 hours now, and it still keeps hanging.

The operating system my web server runs on is (include version):
Ubuntu 16.04 LTS,

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes.

Content of my auth_hook:

export TF_VAR_DOMAIN_NAME="${CERTBOT_DOMAIN}."
export TF_VAR_ACME_TXT_RECORD="${CERTBOT_VALIDATION}"
declare -A dns_zones
dns_zones=( ["flexployment.co"]="<ID>" )
export TF_VAR_DNS_MANAGED_ZONE="${dns_zones[${CERTBOT_DOMAIN}]}"
txt_records_file="/tmp/txt-records"
txt_records=()
# Append this challenge's token; the hook runs once per requested name.
echo "${TF_VAR_ACME_TXT_RECORD}" >> "${txt_records_file}"

# LE validates the domain with two TXT records, so act only once both are collected.
if [ "$(wc -l < "${txt_records_file}")" -gt 1 ] ; then
        for record in $(cat "${txt_records_file}") ; do
                txt_records+=("${record}") # Create an array that contains all the records. This array is passed to TF
        done
        export TF_VAR_TXT_RECORD_1="${txt_records[0]}" # Only way to get the data into TF
        export TF_VAR_TXT_RECORD_2="${txt_records[1]}"

        terraform apply --auto-approve
        sleep 70 # TTL is 60

        rm -f "${txt_records_file}" # plain file, so -f rather than -r

fi

Content of my cleanup.sh:
sudo -E terraform destroy -auto-approve # The one dash (-) is the right syntax for destroy.

Do you guys have any idea why Certbot keeps hanging?


#2

Hi @erikkn

You created two certificates yesterday.

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:flexployment.co&lu=cert_search

Certbot or your cleanup script may be waiting for user input. Perhaps one of your variables may not have been set.

To test: Remove the cleanup part (you can do this manually later), and replace all variables with hard-coded entries.

PS: You can use the Let's Encrypt test system.
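
Added example, not part of the original posts: a cleanup hook written so that it cannot sit waiting for input, the failure suggested in the reply above. It assumes the Terraform configuration declares the variables the auth hook exports and that `timeout` from GNU coreutils is installed; `require_vars`, `run_noninteractive` and the 300-second limit are hypothetical names and values chosen for illustration.

```shell
#!/bin/sh
# Added example: a cleanup hook that fails fast instead of prompting.

# Return non-zero if any named environment variable is unset or empty.
require_vars() {
    missing=0
    for name in "$@"; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "cleanup_hook: required variable $name is not set" >&2
            missing=1
        fi
    done
    return "$missing"
}

# Run a command with stdin closed and a wall-clock limit, so a prompt
# reads EOF (or the command is killed) instead of blocking certbot.
# timeout(1) exits with status 124 when the limit is reached.
run_noninteractive() {
    limit=$1
    shift
    timeout "$limit" "$@" < /dev/null
}

cleanup_hook() {
    # Each hook is a separate process: exports made in auth_hook.sh are gone.
    # Rebuild what can be rebuilt from the values certbot passes in.
    export TF_VAR_DOMAIN_NAME="${CERTBOT_DOMAIN}."
    # Assumption: the remaining TF_VAR_* values are supplied by the caller.
    require_vars TF_VAR_DOMAIN_NAME TF_VAR_DNS_MANAGED_ZONE \
                 TF_VAR_TXT_RECORD_1 TF_VAR_TXT_RECORD_2 || return 1
    # -input=false makes Terraform error out rather than ask for a variable.
    run_noninteractive 300 terraform destroy -input=false -auto-approve
}

# certbot sets CERTBOT_DOMAIN for its hooks; only act when run as a hook.
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
    cleanup_hook
fi
```

A missing variable now ends the hook with an error message on stderr, which certbot reports, rather than leaving the run stuck at "Cleaning up challenges".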


#3

Hi @JuergenAuer

Thanks for your fast reply, awesome :). You are right, I just created a separate function that I call after the ‘certbot certonly…’ command. My cleanup script expects some inputs. I just fixed it and will mark this post as solved :).

Cheers,

