Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command:certbot certonly --cert-name a-view.org
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Could not open file: /etc/nginx/sites-enabled/159.65.74.127.conf
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Nginx Web Server plugin - Alpha (nginx)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator nginx, Installer None
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): lewis@neilson-levin.org
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Starting new HTTPS connection (1): supporters.eff.org
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel): a-view.org lnotes.a-view.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for a-view.org
http-01 challenge for lnotes.a-view.org
Waiting for verification...
Cleaning up challenges
Could not open file: /etc/nginx/sites-enabled/159.65.74.127.conf
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/a-view.org/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/a-view.org/privkey.pem
Your cert will expire on 2018-11-30. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
My web server is (include version):nginx/1.10.3 (Ubuntu)
The operating system my web server runs on is (include version):Ubuntu 16.04.4 LTS
My hosting provider, if applicable, is: Digital Ocean
I can login to a root shell on my machine (yes or no, or I don’t know):yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Here is the confirmation that the cert was updated:
So, I was set up–probably incorrectly–for automatic renewals.
File /etc/cron.d/certbot looks like this:
# /etc/cron.d/certbot: crontab entries for the certbot package
#
# Upstream recommends attempting renewal twice a day
#
# Eventually, this will be an opportunity to validate certificates
# haven't been revoked, etc. Renewal will only occur if expiration
# is within 30 days.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew
I always forget the cron timing codes, but does this look right?
Why didn’t it happen? The file create date is Jul 21, 2018.
As the cron.d line states, if the system folder exists… It would not execute (I guess that’s why it’s not running correctly)
I actually have no idea about the certbot.timer one as I never used it… But I guess only one of the two need to exist… (Or it might cause conflicts I guess?) (Sorry I never used the timer one before…)
Hope others in this forum could assist you with this (auto run) issue…