How to automatically renew certificate without stopping server

This is not a new topic, but somehow I could not find an answer to my problem. When I first got a certificate, following some instructions I typed this command:

sudo certbot certonly --standalone

At the time my server was not running. But now that I want to renew my certificate the server is running and I don’t want it to stop. But when I try this command

sudo certbot renew --dry-run

there is a conflict with my server already using port 80. Also I don’t know what to do. Does anyone have a solution?

Hi @archimondain

you have to use one of the other options.

--nginx
--apache

or

--webroot

if you want to use http validation and your running webserver.

Check

Thanks, I’m using neither nginx nor apache. I want to use --webroot (together with --webroot-path), but I do not understand how things are supposed to work. In particular, it seems that the whole process is trying to access some file in https://domain/.well-known/acme-challenge/, which it can’t so far because my server does not serve files in this directory yet.

What I do not understand is that the directory “.well-known/acme-challenge/” has not been created in the webroot directory that I specified. So even if my server serves the files inside “.well-known/acme-challenge/”, I don’t understand how it can work.

Do you know what the different steps of the process are and what I need to do to make it work?

Addition: now that I think about it, maybe the process removes the file before I can see it. I will check that…

Then share your environment:

--

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

--

Please read some basics about challenges:

Every webserver is able to send static content. If you don't want that, use dns validation.

If a Letsencrypt client has an option like --webroot, typically the two subdirectories are created.

Read some basics:

Certbot will create this directory for you inside your webroot. You don't have to create it yourself.

Still another option is to use --pre-hook and --post-hook options to tell Certbot how to temporarily stop and restart your web server, in case you want to continue using --standalone with a web server application.

Thanks to all of you for your help. Sorry for not having put more effort into reading the doc. As expected, I just needed to serve my files properly and everything worked using --webroot together with --webroot-path.

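An added example, not code from this thread or from Certbot: with --webroot, Certbot writes each challenge file into .well-known/acme-challenge/ under the --webroot-path directory, and the running server only has to return that file for the matching URL. The Python route below does that for a custom server while refusing every other path; the directory /var/www/acme, port 8080 and all function names are assumptions.

```python
import re
import sys
from http.server import BaseHTTPRequestHandler, HTTPServer
from pathlib import Path

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"
# ACME tokens use only the base64url alphabet, so anything else is rejected.
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]+")


def challenge_file(webroot, url_path):
    """Map a request path to a challenge file under webroot, or return None."""
    path = url_path.split("?", 1)[0]
    if not path.startswith(CHALLENGE_PREFIX):
        return None
    token = path[len(CHALLENGE_PREFIX):]
    if not TOKEN_RE.fullmatch(token):
        return None  # blocks "../", nested paths, empty names and dotfiles
    candidate = Path(webroot) / ".well-known" / "acme-challenge" / token
    return candidate if candidate.is_file() else None


def make_handler(webroot):
    class ChallengeHandler(BaseHTTPRequestHandler):
        def do_GET(self):
            found = challenge_file(webroot, self.path)
            if found is None:
                self.send_error(404)
                return
            body = found.read_bytes()
            self.send_response(200)
            self.send_header("Content-Type", "text/plain")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
    return ChallengeHandler


if __name__ == "__main__":
    # Assumed defaults for a local trial; a real deployment adds this route
    # to the server that already answers on port 80 for the domain.
    root = sys.argv[1] if len(sys.argv) > 1 else "/var/www/acme"
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 8080
    HTTPServer(("127.0.0.1", port), make_handler(root)).serve_forever()
```

The directory given here must be the same one passed to Certbot as --webroot-path, and the process running the server needs read access to the files Certbot creates there.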