Help updating from ACME TLS-SNI-01 domain validation

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: sudo certbot renew --dry-run (after updating certbot)

It produced this output:

Processing /etc/letsencrypt/renewal/

Cert not due for renewal, but simulating renewal for dry run

Plugins selected: Authenticator apache, Installer apache

Starting new HTTPS connection (1):

Renewing an existing certificate

Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: Deserialization error: Could not decode ‘status’ (‘ready’): Deserialization error: Status not recognized. Skipping.

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/ (failure)

My web server is (include version): Apache/2.4.18

The operating system my web server runs on is (include version): Ubuntu 14.04

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I ran a certbot dry-run before updating (because I have LE certs on multiple domains across a couple different servers and the email I got warning me about ACME TLS didn’t specify which domain(s) it was. When I ran the dry-run originally, I didn’t get any errors.

I found instructions in another thread to update certbot from the EFF site and ran through those. All the updates seemed to work properly, but when I ran the dry-run again, I got the above error. Any thoughts? I set up Let’s Encrypt on this domain several years ago so I honestly don’t remember how I set it up at the time.

Hi @stegrainer

the status "ready" is from summer 2018:

So if your certbot doesn't understand this status, your certbot is too old.

What says

certbot --version
1 Like

The version said 0.22.2. I followed the instructions on this site:

Those instructions only specified installing python-certbot-apache. Once I installed certbot itself, everything ran fine.

1 Like

Are your packages up-to-date?

sudo apt-get update
sudo apt-get upgrade

If necessary:

sudo apt-get dist-upgrade

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.