We just got an expired certificate for domain www.komodal.co.
I have access to the server (only sudo user not root).
Server is Ubuntu 17.07
Certbot version 0.10.2-1
Whatever command I try to renew the certificate, it will use ACMEv1 API and so I got the error :
HTTPSConnectionPool(host=‘[acme-v01.api.letsencrypt.org ](http://acme-v01.api.letsencrypt.org/)’, port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(’<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fd384d92bd0>: Failed to establish a new connection: [Errno -2] Name or service not known’,))
When trying to update Certbot, it says 0.10.2-1 is the latest version...
Trying to force --server https://acme-v02.api.letsencrypt.org/directory
Gives me this :
sudo certbot -d komodal.co --manual --preferred-challenges dns certonly --server https://acme-v02.api.letsencrypt.org/directory Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org Attempting to parse the version 1.9.0 renewal configuration file found at /etc/letsencrypt/renewal/XXXXXXX.com.conf with version 0.10.2 of Certbot. This might not work. Attempting to parse the version 1.9.0 renewal configuration file found at /etc/letsencrypt/renewal/XXXXXXXX.com.conf with version 0.10.2 of Certbot. This might not work. Attempting to parse the version 1.9.0 renewal configuration file found at /etc/letsencrypt/renewal/XXXXXXXX.com.conf with version 0.10.2 of Certbot. This might not work. Obtaining a new certificate Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org An unexpected error occurred: ConnectionError: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /acme/new-authz (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7f7ff3b6c590>: Failed to establish a new connection: [Errno -2] Name or service not known',)) Please see the logfiles in /var/log/letsencrypt for more details.
So it looks like it's using ACMEv2 at the beginning, then 'obtaining a new certificate' and then try to connect again to old API...
Can you help me figuring out how to create a new certificate for my website ?
I just can add that I'm in the process of moving the website komodal.co to our own server soon.
The person who used to manage this server kind of left without giving us any info or process for the server etc... so I won't risk to update Ubuntu for ex. on this server.
Hope you can help me !
My domain is: komodal.co
I ran this command:
It produced this output:
My web server is (include version): Apache/2.4.29 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 17.07
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine (yes or no, or I don't know): sudo user, not root
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): nope
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): 0.10.2-1