How to renew certificate for nginx under ubuntu 14?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: sudo certbot renew --dry-run

It produced this output:

Could not choose appropriate plugin: The requested nginx plugin does not appear to be installed

Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: The requested nginx plugin does not appear to be installed. Skipping.

All renewal attempts failed. The following certs could not be renewed:

/etc/letsencrypt/live/ (failure)

My web server is (include version): nginx version: nginx/1.16.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 14.04.5 LTS

My hosting provider, if applicable, is: EC2

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

it seems python-certbot-nginx is not available for ubuntu 14? How can I install the nginx plugin?

Hi @David8

checking your older topic

there was a working nginx plugin:

Plugins selected: Authenticator nginx, Installer nginx

Why doesn't that work anymore?

is EOL. Perhaps try Certbot-Auto or switch to another client. Or update your Ubuntu.

1 Like

Or just use --webroot instead of --nginx

Certbot-auto isn’t guaranteed to work on 14.04 anymore, though last I heard it currently still does for now.

It would be better to upgrade to a supported OS, maintain your own branch of Certbot, or use an ACME client with more support for old systems.


thanks Juergen and all.

I’m planning to upgrade the OS, but I have a question:

  • I want to set up a new instance to avoid downtime for the website.
  • But if I set up a new instance with ubuntu 16, can I directly use certbot on this new instance? It will be a new IP.
  • Should I do certbot before I switch the new IP to the domain, or after?
  • Any other recommendation or things I should pay attention to??


Read the basics about Challenge types:

You can't use http validation on your new server if your domain points to your old server.

But you can always use manual and dns validation, that should always work -> do that on your old server, then you have a new certificate and a lot of time. Then use the new certificate on your new server (copy it manual).

You can do it with a bunch of extra work by creating a temporary additional name for the new server and creating an HTTP redirect from /.well-known/acme-challenge on the old server to the temporary name of the new server. Then the new server can successfully request a certificate for the old server’s name.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.