Help sudo certbot renew --noninteractive --post-hook "service xxx restart" Fails

Very true, but that's why I suggested the Certbot documentation :slight_smile:

3 Likes

I know RTFM I say it all the time but sometimes its just mud.

Could you please specify what issue you're running into with the documentation in this case? If it's a significant issue, we might suggest the Certbot team to clarify their documentation.

2 Likes

Just me I made certain assumptions. truth be told I used to do this manually every 3 moths. I though this certbot thing would have automated it. It does but I didn't account for (and I should have known) the TXT records update

Not sure how I want to proceed now - Find a script for Network Solutions and GoDaddy since I have domains on both

You need to demonstrate domain control every time* you request a cert (and "renewing" is still requesting a cert). It doesn't matter whether you're requesting a cert for a base domain, a subdomain, or a combination of the two, you still need to validate that you control every name on the cert. If you're using DNS validation (as you are), that means adding (and removing, once validation is complete) TXT records.

*"every time", unless you request a second cert while the first authorization is still valid--it's good for a few weeks.

3 Likes

Yes, always.
One new TXT record for each name included in the cert.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.