How to update from Acme-V01 to Acme-V02

My domain is:
www.mayweg.com and other in the mayweg.com domain

I ran this command:
certbot-auto --debug renew

It produced this output:
Processing /etc/letsencrypt/renewal/www.mayweg.com.conf


Cert not yet due for renewal


My web server is (include version):
apache2-2.4.33-lp151.8.12.1.x86_64

The operating system my web server runs on is (include version):
openSUSE 15.1

My hosting provider, if applicable, is:
N/A

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 1.4.0

I have switched from the OS certbot 1.3 to certbot-auto because of the acme-v01 phase out. I have hoped, that would switch the renewal process to acme-v02. But there is still the acme-v01 URL in the renewal/*.conf files. As I have read in other threads in this site, I have modified the conf file to point to the acme-v02 URL. But after running the command again, the conf files have been rewrite with the acme-v01 URLs and the debug log show
DEBUG:certbot._internal.cli:Var server=https://acme-v01.api.letsencrypt.org/directory (set by user).
But where is that set? What have I have done or missed, that the switch to acme-v02 does not work? What do I need to do now?
TIA Patrick

Check /etc/letsencrypt/cli.ini.

If server is set there, you can just remove it.

1 Like

If this is happening, I can suggest two possible places to check:

  1. Any cronjobs. Sometimes people setup a cronjob along the lines of certbot renew -q --server https://acme-v02..., and that would cause the config file to get rewritten every time.
  2. /etc/letsencrypt/cli.ini, if it exists.
1 Like

Hi,
the 2nd point was the solution. I would like to suggest as an improvement to output where a variable is set. That would helped me very much.
Thx,
Patrick

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.