Impossible de renouveler mon certificat

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:imprimeboutique.com

My web server is (include version): apache debian 7

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): version letsenscrypt renewal version = 0.30.2

Je n’arrive pas à renouveler mon certificat qui a expiré au 2/5/19
merci pour votre aide

2

Hi @serpe

there is a check of your domain (~ 50 minutes old) - https://check-your-website.server-daten.de/?q=imprimeboutique.com

Some parts are good:

Domainname Http-Status redirect Sec. G
http://imprimeboutique.com/
151.80.42.25 301 https://imprimeboutique.com/ 0.050 A
http://www.imprimeboutique.com/
151.80.42.25 301 https://www.imprimeboutique.com/ 0.130 A
https://imprimeboutique.com/
151.80.42.25 -2 1.387 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 151.80.42.25:443
https://www.imprimeboutique.com/
151.80.42.25 -2 1.073 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 151.80.42.25:443
http://imprimeboutique.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
151.80.42.25 301 https://imprimeboutique.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.054 A
Visible Content: Moved Permanently The document has moved here .
http://www.imprimeboutique.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
151.80.42.25 301 https://www.imprimeboutique.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.053 A
Visible Content: Moved Permanently The document has moved here .
https://imprimeboutique.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de -2 1.077 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 151.80.42.25:443
Visible Content:
https://www.imprimeboutique.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de -2 1.080 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 151.80.42.25:443

Port 80 is open and answers.

But: You have a redirect http -> https. Normally, this isn't a problem, Letsencrypt follows these redirects.

But your https is blocked, looks like a firewall or something else.

So Letsencrypt can't validate the file

/.well-known/acme-challenge/random-token

So:

  • Open your firewall, then recheck your domain, the result of the last check should be http status 404 - Not Found (or)
  • remove the redirect http -> https, then recheck your domain to see if that works.

Then try to create a new certificate.

3

Rebonjour
j’ai exécuté la commande ./certbot-auto renew --dry-run dans root/letsencrypt
et voici la sortie, cele ne fonctionne toujours pas , il y a un délai d’attente ?
Bootstrapping dependencies for Debian-based OSes… (you can skip this with --no-bootstrap)
Ign http://debian.mirrors.ovh.net wheezy Release.gpg
Ign http://debian.mirrors.ovh.net wheezy Release
Ign http://debian.mirrors.ovh.net wheezy/main Sources/DiffIndex
Ign http://debian.mirrors.ovh.net wheezy/main amd64 Packages/DiffIndex
Atteint http://webmin.mirror.somersettechsolutions.co.uk sarge Release.gpg
Ign http://security.debian.org wheezy/updates Release.gpg
Atteint http://webmin.mirror.somersettechsolutions.co.uk sarge Release
Ign http://security.debian.org wheezy/updates Release
Ign http://security.debian.org wheezy/updates/main Sources/DiffIndex
Ign http://security.debian.org wheezy/updates/main amd64 Packages/DiffIndex
Atteint http://webmin.mirror.somersettechsolutions.co.uk sarge/contrib amd64 Packages
Ign http://security.debian.org wheezy/updates/main Translation-fr_FR
Ign http://security.debian.org wheezy/updates/main Translation-fr
Ign http://security.debian.org wheezy/updates/main Translation-en
Err http://security.debian.org wheezy/updates/main Sources
404 Not Found [IP : 2a04:4e42:1d::204 80]
Err http://security.debian.org wheezy/updates/main amd64 Packages
404 Not Found [IP : 2a04:4e42:1d::204 80]
Ign http://webmin.mirror.somersettechsolutions.co.uk sarge/contrib Translation-fr_FR
Ign http://webmin.mirror.somersettechsolutions.co.uk sarge/contrib Translation-fr
Ign http://webmin.mirror.somersettechsolutions.co.uk sarge/contrib Translation-en
Ign http://debian.mirrors.ovh.net wheezy/main Translation-fr_FR
Ign http://debian.mirrors.ovh.net wheezy/main Translation-fr
Ign http://debian.mirrors.ovh.net wheezy/main Translation-en
Err http://debian.mirrors.ovh.net wheezy/main Sources
404 Not Found [IP : 2001:41d0:202:100:213:32:5:7 80]
Err http://debian.mirrors.ovh.net wheezy/main amd64 Packages
404 Not Found [IP : 2001:41d0:202:100:213:32:5:7 80]
Ign http://ftp.debian.org wheezy-backports Release.gpg
Ign http://ftp.debian.org wheezy-backports Release
Ign http://ftp.debian.org wheezy-backports/main amd64 Packages/DiffIndex
Ign http://ftp.debian.org wheezy-backports/main Translation-fr_FR
Ign http://ftp.debian.org wheezy-backports/main Translation-fr
Ign http://ftp.debian.org wheezy-backports/main Translation-en
Err http://ftp.debian.org wheezy-backports/main amd64 Packages
404 Not Found [IP : 2001:67c:2564:a119::148:12 80]
Atteint http://download.webmin.com sarge Release.gpg
Atteint http://download.webmin.com sarge Release
Atteint http://download.webmin.com sarge/contrib amd64 Packages
Ign http://download.webmin.com sarge/contrib Translation-fr_FR
Ign http://download.webmin.com sarge/contrib Translation-fr
Ign http://download.webmin.com sarge/contrib Translation-en
W: Impossible de récupérer http://debian.mirrors.ovh.net/debian/dists/wheezy/main/source/Sources 404 Not Found [IP : 2001:41d0:202:100:213:32:5:7 80]

W: Impossible de récupérer http://debian.mirrors.ovh.net/debian/dists/wheezy/main/binary-amd64/Packages 404 Not Found [IP : 2001:41d0:202:100:213:32:5:7 80]

W: Impossible de récupérer http://security.debian.org/dists/wheezy/updates/main/source/Sources 404 Not Found [IP : 2a04:4e42:1d::204 80]

W: Impossible de récupérer http://security.debian.org/dists/wheezy/updates/main/binary-amd64/Packages 404 Not Found [IP : 2a04:4e42:1d::204 80]

W: Impossible de récupérer http://ftp.debian.org/debian/dists/wheezy-backports/main/binary-amd64/Packages 404 Not Found [IP : 2001:67c:2564:a119::148:12 80]

E: Le téléchargement de quelques fichiers d’index a échoué, ils ont été ignorés, ou les anciens ont été utilisés à la place.
apt-get update hit problems but continuing anyway…
Lecture des listes de paquets… Fait
Construction de l’arbre des dépendances
Lecture des informations d’état… Fait
gcc est déjà la plus récente version disponible.
python est déjà la plus récente version disponible.
python-dev est déjà la plus récente version disponible.
python-virtualenv est déjà la plus récente version disponible.
ca-certificates est déjà la plus récente version disponible.
libffi-dev est déjà la plus récente version disponible.
libssl-dev est déjà la plus récente version disponible.
openssl est déjà la plus récente version disponible.
augeas-lenses est déjà la plus récente version disponible.
libaugeas0 est déjà la plus récente version disponible.
0 mis à jour, 0 nouvellement installés, 0 à enlever et 177 non mis à jour.

Creating virtual environment…
Installing Python packages…
/opt/eff.org/certbot/venv/bin/python: No module named pip.main; ‘pip’ is a package and cannot be directly executed
Traceback (most recent call last):
File “/tmp/tmp.3tVg8425lY/pipstrap.py”, line 177, in
sys.exit(main())
File “/tmp/tmp.3tVg8425lY/pipstrap.py”, line 149, in main
pip_version = StrictVersion(check_output([python, ‘-m’, ‘pip’, ‘–version’])
File “/usr/lib/python2.7/subprocess.py”, line 544, in check_output
raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command ‘[’/opt/eff.org/certbot/venv/bin/python’, ‘-m’, ‘pip’, ‘–version’]’ returned non-zero exit status 1

4

Debian Wheezy is End of life and not longer supported.

https://wiki.debian.org/DebianWheezy

Perhaps check if you can use another client.

But that

should work. Check your firewall.

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.