Howdy! I’m having a bunch of trouble renewing a certificate with certbot. The certificate was issued just fine, but I can’t get renewal to work. Operating system is Debian 10.0 “Buster”. Typical error in my logs is as follows:
Aug 25 01:21:17 green certbot: Attempting to renew cert (www.metzdowd.com) from /etc/letsencrypt/renewal/www.metzdowd.com.conf produced an unexpected error: Failed authorization procedure. www.metzdowd.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://www.metzdowd.com/.well-known/acme-challenge/EtFGGDI2ekXbUjTM2oO-4wkMcghNPrCHz4sMjk7kUHY: Connection refused. Skipping. Aug 25 01:21:17 green certbot: All renewal attempts failed. The following certs could not be renewed: Aug 25 01:21:17 green certbot: /etc/letsencrypt/live/www.metzdowd.com/fullchain.pem (failure) Aug 25 01:21:17 green certbot: 1 renew failure(s), 0 parse failure(s) Aug 25 01:21:17 green systemd: certbot.service: Main process exited, code=exited, status=1/FAILURE Aug 25 01:21:17 green systemd: certbot.service: Failed with result 'exit-code'. Aug 25 01:21:17 green systemd: Failed to start Certbot. Aug 25 01:40:58 green sshd: Disconnected from user root 22.214.171.124 port 54370
My domain is: www.metzdowd.com
I ran this command: nightly automated job, plus tried
certbot -v renew and can’t figure out what the output means.
It produced this output:
I can cut and paste portions of the output of
certbot -v renew if someone wants them. I’m not sure how to interpret them; some parts make sense, some don’t.
My web server is (include version): lighttpd 1.4.53
The operating system my web server runs on is (include version): see above, Debian 10.0 “Buster”
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):