Hi there,
Help! Sudden problem with renewing a LE certificate. Here are some details.
My domain is: sendy.colcolmail.co.uk
My web server is (include version): nginx 1.10.3
The operating system my web server runs on is (include version): ubuntu 16.04.03
My hosting provider, if applicable, is: AWS EC2
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): yes, webmin 1.941/virtualmin 6.08
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): ?
Problem started on Jan 24th. Error message from the automatic webmin renewal service is:
An error occurred requesting a new certificate for sendy.colcolmail.co.uk from Let's
Encrypt : Web-based validation failed : Failed to request certificate : <pre>Traceback
(most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 198, in <module>
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca,
disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File "/usr/share/webmin/webmin/acme_tiny.py", line 143, in get_crt
raise ValueError("Wrote file to {0}, but couldn't download {1}: {2}".format(wellknown_path,
wellknown_url, e))
ValueError: Wrote file to /home/sendy/public_html/.well-known/acme-challenge/3lkoagEKexItREBcO7Vxkd-UosLSx8C7hi-jc9dLUtg,
but couldn't download http://sendy.colcolmail.co.uk/.well-known/acme-challenge/3lkoagEKexItREBcO7Vxkd-UosLSx8C7hi-jc9dLUtg:
Error:
Url: http://sendy.colcolmail.co.uk/.well-known/acme-challenge/3lkoagEKexItREBcO7Vxkd-UosLSx8C7hi-jc9dLUtg
Data: None
Response Code: 404
Response: <html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.10.3 (Ubuntu)</center>
</body>
</html> DNS-based validation failed : Failed to request certificate : usage: acme_tiny.py [-h] --account-key ACCOUNT_KEY --csr CSR --acme-dir
ACME_DIR [--quiet] [--disable-check]
[--directory-url DIRECTORY_URL] [--ca CA]
[--contact [CONTACT [CONTACT ...]]]
acme_tiny.py: error: argument --acme-dir is required
The acme-challenge file is there, so I am not sure why the 404 is returned. This seems to work: https://letsdebug.net/sendy.colcolmail.co.uk/97582
Have looked at the following:
https://unboundtest.com/m/CAA/sendy.colcolmail.co.uk/3KDJUUNK
The first link has some scary ‘fatal error’ text. I am not a techie, so I am not sure what is going on. Bit worried that my LE cert will now expire within 2 weeks without a renewal.
Virtualmin has had issues with LE renewals, with the latest releases referring to LE/certbot:
I update to v1.930 to v1941 on Jan 25th, so a day after the renewal failures started.
I will ask on the Virtualmin forum about this but thought I would ask here as well, just in case anyone has any ideas?
Maynard