Issue renewing certificate

I started having problems renewing certificates for any of the domains on the two servers I am administering. These problems started happening after the update to more recent versions of Certbot. Right now I am running what I believe is the latest version, 1.0.0. It looks like Certbot is failing to restart the nginx server. I can restart it manually using the “/etc/init.d/nginx restart” command, but Certbot isn’t able to use that same command even if I provide it on the command line (tried that too).

My domain is:

I ran this command:
certbot --nginx renew

It produced this output:

http-01 challenge for devel.webportal.ahlers.com
nginx: [alert] kill(27706, 1) failed (3: No such process)
Cleaning up challenges
nginx: [alert] kill(27706, 1) failed (3: No such process)
Encountered exception during recovery:
Traceback (most recent call last):
  File "/usr/lib64/python3.6/site-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/usr/lib64/python3.6/site-packages/certbot_nginx/_internal/configurator.py", line 1117, in perform
    self.restart()
  File "/usr/lib64/python3.6/site-packages/certbot_nginx/_internal/configurator.py", line 914, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib64/python3.6/site-packages/certbot_nginx/_internal/configurator.py", line 1186, in nginx_restart
    "nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
certbot.errors.MisconfigurationError: nginx restart failed:
b''
b''

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib64/python3.6/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib64/python3.6/site-packages/certbot/_internal/auth_handler.py", line 243, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/usr/lib64/python3.6/site-packages/certbot_nginx/_internal/configurator.py", line 1135, in cleanup
    self.restart()
  File "/usr/lib64/python3.6/site-packages/certbot_nginx/_internal/configurator.py", line 914, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib64/python3.6/site-packages/certbot_nginx/_internal/configurator.py", line 1186, in nginx_restart
    "nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
certbot.errors.MisconfigurationError: nginx restart failed:
b''
b''
Attempting to renew cert (devel.webportal.ahlers.com) from /etc/letsencrypt/renewal/devel.webportal.ahlers.com.conf produced an unexpected error: nginx restart failed:
b''
b''. Skipping.

Config file: /etc/letsencrypt/renewal/devel.webportal.ahlers.com.conf

renew_before_expiry = 30 days

version = 0.39.0
archive_dir = /etc/letsencrypt/archive/devel.webportal.ahlers.com
cert = /etc/letsencrypt/live/devel.webportal.ahlers.com/cert.pem
privkey = /etc/letsencrypt/live/devel.webportal.ahlers.com/privkey.pem
chain = /etc/letsencrypt/live/devel.webportal.ahlers.com/chain.pem
fullchain = /etc/letsencrypt/live/devel.webportal.ahlers.com/fullchain.pem

Options used in the renewal process

[renewalparams]
account = 60dc1d6b100757fd7baa1656fd210e91
authenticator = nginx
installer = nginx
server = https://acme-v02.api.letsencrypt.org/directory

My web server is (include version):
nginx/1.17.6

The operating system my web server runs on is (include version):
Gentoo/Linux Base System release 2.6

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 1.0.0

Any idea what is going wrong? It used to work just fine with the same configuration before.


Hi @locojohn

isn't this

a temporary problem? Looks like the restart of nginx doesn't work, a wrong PID.

Checking your domain you have a lot of older certificates. So I don't think it's a general problem.


The /var/run/nginx.pid mysteriously disappears after I run "certbot --nginx renew". I can no longer restart nginx manually using /etc/init.d/nginx afterwards. Something fishy is there.

Not a temporary problem, because the nginx process is still running after the certbot operation; I just cannot kill it using the normal init script, as there's no PID file. I can only kill it with 'kill -9 nginx'.

> Checking your domain you have a lot of older certificates.

In my Let's Encrypt configuration I have just a single certificate for this domain, the configuration for which I sent you earlier today.

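The two states reported in this thread, a PID file naming a process that no longer exists (the `kill(27706, 1) failed (3: No such process)` alert) and a running nginx with no PID file at all, can be told apart with a small check. This is an added example, not part of any post above; it assumes Linux `/proc`, and the function names and state labels are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify an nginx-style PID file.
# Assumes Linux /proc; function names and state labels are invented here.

# Print the command name of PID $1, or nothing if no such process exists.
proc_name() {
    [ -r "/proc/$1/comm" ] && cat "/proc/$1/comm" 2>/dev/null
    return 0
}

# Succeed if any running process has command name $1.
name_running() {
    for f in /proc/[0-9]*/comm; do
        [ -r "$f" ] && [ "$(cat "$f" 2>/dev/null)" = "$1" ] && return 0
    done
    return 1
}

# Usage: pidfile_state PIDFILE [NAME]   (NAME defaults to nginx)
# Prints: ok | stale | reused | invalid | orphan | stopped
pidfile_state() {
    pidfile=$1
    name=${2:-nginx}
    if [ ! -s "$pidfile" ]; then
        # No PID file: the init script has nothing to signal.
        if name_running "$name"; then echo orphan; else echo stopped; fi
        return 0
    fi
    pid=$(tr -d '[:space:]' < "$pidfile")
    case $pid in
        ''|*[!0-9]*) echo invalid; return 0 ;;
    esac
    comm=$(proc_name "$pid")
    if [ -z "$comm" ]; then
        echo stale      # kill(pid, 1) would fail with "No such process"
    elif [ "$comm" = "$name" ]; then
        echo ok
    else
        echo reused     # PID now belongs to some other program
    fi
}

# Report on the PID file path mentioned in the thread (or on $1 if given).
pidfile_state "${1:-/var/run/nginx.pid}"
```

Running it before and after `certbot --nginx renew` shows whether the PID file went stale or vanished while the master process kept running.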
