Hanging on 'Cleaning up challenges'

My domain is:
flexployment.co . <- Will not really help you tho, since I don’t have a website running on this domain yet.

I ran this command: sudo -E certbot certonly --non-interactive --agree-tos --manual-public-ip-logging-ok --manual-auth-hook ${script_location}’/auth_hook.sh’ --manual-cleanup-hook ${script_location}’/cleanup_hook.sh’ --server https://acme-v02.api.letsencrypt.org/directory --preferred-challenges dns-01 --manual -d ${domain} -d ‘*.’${domain} --cert-name ${cert_directory_name}

Note that this error also occurs when I run certbot certonly --force-renewal …

It produced this output:
It doesn’t produce much of an output, problem is that it keeps hanging on this:
Waiting for verification…
Cleaning up challenges
I am (not kidding) already waiting for 1.5 hours now, and it still keeps hanging.

The operating system my web server runs on is (include version):
Ubuntu 16.04 LTS,

I can login to a root shell on my machine (yes or no, or I don’t know):

Content of my auth_hook:

declare -A dns_zones
dns_zones=( ["flexployment.co"]="<ID>" )
echo ${TF_VAR_ACME_TXT_RECORD} >> ${txt_records_file}

if [ $(wc -l < ${txt_records_file}) -gt "1" ] ; then #LE validates the domain with two TXT records. 
        for record in $(cat ${txt_records_file}) ; do
                txt_records+=(${record}) #Create an array that contains all the records. This array is passed to TF
        export TF_VAR_TXT_RECORD_1=${txt_records[0]} # Only way to get the data into TF
        export TF_VAR_TXT_RECORD_2=${txt_records[1]}

        terraform apply --auto-approve
        sleep 70 # TTL is 60

        rm -r ${txt_records_file}


Content of my cleanup.sh:
sudo -E terraform destroy -auto-approve # The one dash (-) is the right syntax for destroy.

Do you guys have any idea why Certbot keeps hanging?

Hi @erikkn

You have created two certificates yesterday.


Certbot or your cleanup-script may wait for a user-input. Perhaps one of your variables may not been set.

To test: Remove the cleanup-part (you can do this later manual), replace all variables with hard-coded entries.

PS: You can use the Letsencrypt-testsystem.

Hi @JuergenAuer

Thanks for your fast reply, awesome :). You are right, I just created a separate function that I call after the ‘certbot certonly…’ command. My cleanup script expects some inputs. I just fixed it and will mark this post as solved :).


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.