Installing as 'letsencrypt' rather than 'certbot'

Help
61

Uh oh :o redtext
$ certbot renew --cert-name benrothman.org --force-renewal

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/benrothman.org.conf

Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for benrothman.org
tls-sni-01 challenge for www.benrothman.org
TLS-SNI-01 is deprecated, and will stop working soon.
Cleaning up challenges
Attempting to renew cert (benrothman.org) from /etc/letsencrypt/renewal/benrothman.org.conf produced an unexpected error: Problem binding to port 443: Could not bind to IPv4 or IPv6.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/benrothman.org/fullchain.pem (failure)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/benrothman.org/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)

62

Yeah, thatā€™s what I thought haha.

certbot renew --cert-name benrothman.org --webroot -w /srv/users/serverpilot/apps/portfolio/public --post-hook "service nginx-sp reload" --force-renewal

The trickiness with Certbot is that it doesnā€™t actually save your new settings unless itā€™s performing a live certificate issuance/renewal.

So if you run this ^, it should:

  1. Actually issue a live certificate
  2. Actually save your new settings, so the automatic Certbot cronjob will know how to successfully renew the cert on its own.

Edit: looks like it succeeded, hooray! Hopefully this is the last time you ever have to read the words ā€œCertbotā€ :wink: .

63

woah, no redtext, I think we are good for now and the future!

https://www.google.com/search?q=yes+baby+meme&rlz=1C5CHFA_enUS756US756&source=lnms&tbm=isch&sa=X&ved=0ahUKEwj259ft7v3fAhWEiOAKHfaBCUwQ_AUIDigB&biw=1920&bih=1271#imgrc=OjqpmxvHk4Ma5M:

thank you so much for stickin with me forā€¦ wow almost 4 hours? if you lived near me Iā€™d buy you a beer but I think you live in Australia which is a problem, lol

64

I forgot to ask this, when I have to renew in April I just run the previous command, yes?

65

No!!! The point of all this pain was to make it automatic. Your server will renew the certificate on its own and reload nginx on itā€™s own. If you died today, it should keep renewing on its own forever.

66

haha oh ok awesome! I tried to set up a crontask for this last year but I could never get it to work. If it works now then awesome. Lol, Iā€™ve thought about that, what if someone who runs a website makes a crontask or an autorenewal for their hosting subscription and then dies. It will just always be there until the world ends, lol

67

oh shit, is that exactly what fleetssl is going to be for?

68

At this point itā€™s vaporware :stuck_out_tongue: (split into smaller, less ambitious projects). Maybe one day it will be finished.

BTW, you can probably apt-get remove letsencrypt now, so you donā€™t have overlapping cronjobs.

69

rofl! I have never heard the term vaporware but it is a very necessary word!

70

btw I canā€™t run logout or exit in my ssh connection to the serverā€¦ any idea what thats about?

71

When that happens to me I usually press the ā€œemergency abortā€ sequence:

Return + ~ + .

72

What happens? Does ā€œjobsā€ show anything?

73

oh haha I had nano open! lol I looked up a few lines and it said ā€œuse fg to return to nanoā€

74

thanks for checkin in, so _az answered me almost immediately for a few hoursā€¦ you should make him a mod or somethingā€¦

some kind of cool bonus also works, lol

75

lol ok my joke did not landā€¦ XD

well thanks!

76

@_az Omfg. I was upgrading my server and it messed up the certbot installation, so I am back to letsencrypt rather than certbot . I am reading the convo from above but I do not see the solution! Do you remember how we installed certbot rather than letsencrypt?

1 Like
77

Iā€™m pretty sure you used these instructions: https://certbot.eff.org/lets-encrypt/ubuntuxenial-other

The key was to install certbot and not python-certbot-apache (since you cannot overwrite the Apache package installed by ServerPilot).

1 Like
78

yes thank you old friend, it is fixed nowā€¦ (that was a lot quicker than last time) itā€™s a good thing this thread had not expired yetā€¦ another week or two and it would all be gone XD

2 Likes
79

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.