How to update Certbot 0.25


#1

following the email I received, i need to update my ACME client to use an alternative validation
method (HTTP-01, DNS-01 or TLS-ALPN-01) My current certbot version is 0.25. Can someone help me step by step please?

My domain is: www.karibbeancars.fr

My web server is (include version): raspberry pi

The operating system my web server runs on is (include version): Apache 2 / desbian 9 stretch


#2

You might try certbot renew --dry-run before trying to upgrade. If the dry run works without an error, it shouldn’t be needed.


#3

Thx for your answer Osiris but i have an error :slight_smile:

The following error was encountered:

[Errno 13] Permission denied: ‘/var/log/letsencrypt/.certbot.lock’

Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths.


#4

That would suggest there’s another instance of certbot running. Anything with ps aux | grep certbot?

If you’re sure there’s no certbot running, you can just remove the lock file, apparently some certbot instance left it there, perhaps when it crashed.


#5

Or perhaps…


#6

Hi Osiris,

i tried your command, here is the result :

pi 27840 0.0 0.0 4372 552 pts/0 S+ 19:15 0:00 grep --color=auto certbot


#7

I believe @rg305’s observation is right: you should run the command as root (probably via sudo).


#9

Instead of certbot renew --dry-run, you can run sudo certbot renew --dry-run (in order to find out whether your existing version will work without upgrading).


#10

sorry for my misunderstanding, I think the command worked i have this message :

** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/www.karibbeancars.fr/fullchain.pem (success)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)


#11

Great, this suggests that following the end of TLS-SNI-01 support, your existing version of Certbot should be able to switch over successfully to using the HTTP-01 method, without further changes.


#12

:tada::confetti_ball::tada:
Yesssssssssss, thx for that great news :slight_smile:
Thx to everybody for the help :pray: