Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.myko-minions.com
I ran this command: I just ran the docker-compose up, it should renew it but says it cant be renewed.
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/myko-minions.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Failed to renew certificate myko-minions.com with error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.')
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/myko-minions.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
My web server is (include version): Nginx 1.15.2-alpine
The operating system my web server runs on is (include version): AWS EC2 Linux
My hosting provider, if applicable, is: /
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 1.21.0
docker-compose:
ersion: "3.3"
services:
certbot:
image: certbot/certbot:latest
container_name: certbot
volumes:
- ./data/certbot/conf:/etc/letsencrypt/
- ./data/certbot/www:/var/www/certbot/
command: '/bin/sh -c ''while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g "daemon off;"'''
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
dashboard:
build:
context: ./apps/dashboard/
dockerfile: Dockerfile
args:
SYSTEM_API_URL: ${SYSTEM_API_URL}
WS_URL: ${WS_URL}
ports:
- "${DASHBOARD_PORT}:80"
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
site:
build:
context: ./apps/site/
dockerfile: Dockerfile
args:
GRAPHQL_API_ROOT_URL: ${SYSTEM_API_URL}/graphql
SYSTEM_API_URL: ${SYSTEM_API_URL}
ports:
- "${SITE_PORT}:80"
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
system:
build:
context: ./apps/system/
dockerfile: Dockerfile
args:
This is just a part of docker-compose, pasted the part which contains certbot parts. Nginx is being run from a Dockerfile (Dont know why, I'm just trying to clean up someone else's mess)
sudo ls -l /etc/letsencrypt/live/myko-minions.com output:
total 4
-rw-r--r-- 1 root root 692 May 16 2022 README
lrwxrwxrwx 1 root root 40 Jan 25 12:20 cert.pem -> ../../archive/myko-minions.com/cert1.pem
lrwxrwxrwx 1 root root 41 Jan 25 12:20 chain.pem -> ../../archive/myko-minions.com/chain1.pem
lrwxrwxrwx 1 root root 45 Jan 25 12:20 fullchain.pem -> ../../archive/myko-minions.com/fullchain1.pem
lrwxrwxrwx 1 root root 43 Jan 25 12:20 privkey.pem -> ../../archive/myko-minions.com/privkey1.pem
sudo certbot certificates output:
Found the following certs:
Certificate Name: myko-minions.com
Serial Number: (Removed this, not sure if I should share it)
Key Type: RSA
Domains: *.myko-minions.com myko-minions.com
Expiry Date: 2022-08-14 22:21:00+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/myko-minions.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/myko-minions.com/privkey.pem