Letsencrypt-auto does not work anymore


#1

Hello!

I added a subdomain and wanted to renew the certificate with my wrapper.sh but I get:
Skipped user interaction because Certbot doesn’t appear to be running in a terminal. You should probably include --non-interactive or --force-interactive on the command line.

I addes --none-interactive to the script and get:
certbot: error: unrecognized arguments: --none-interactive

My wrapper.sh looks like this:
/usr/local/letsencrypt/letsencrypt-auto --none-interactive --cert-name amimanera.de -d amimanera.de -d conference.amimanera.de -d imap.amimanera.de -d meeting.amimanera.de -d smtp.amim
anera.de -d upload.amimanera.de -d www.amimanera.de -d proxy.amimanera.de --pre-hook “systemctl stop httpd” --post-hook “systemctl start httpd” >> /var/log/le-renew.log

What can I do to get this thing running again?

Kind regards

Andreas


#2

The argument is --non-interactive, not --none-interactive.


#3

Now I get:

Missing command line flags. For non-interactive execution, you will need to specify a plugin on the command line.


#4

I want my wrapper to be working again. It so nicely the last time.


#5

Most likely you are missing letsencrypt-auto certonly -a standalone . I don’t see how your command would have succeeded any other way.


#6

Your workflow seems odd. The typical way to handle things using certbot is to get a script with a shell command (specifying directories, cert names, pre- and post-hooks, plugins, and all the rest), and then run certbot renew (or letsencrypt-auto renew) daily to handle the renewal. All the options you specify when you obtain the cert are saved, and the renewal applies them. There isn’t generally a need to run the whole thing from a script.

As the error tells you, your command is malformed. If you’re running certbot with your webserver disabled (why?), you probably would want the “standalone” plugin: letsencrypt-auto standalone --non-interactive --cert-name ...


#7

This one worked out. Thank you so much!


#8

But I added a new subdomain and a renewal like my conventional wrapper does not consider this. I used to use:
/usr/local/letsencrypt/letsencrypt-auto renew --pre-hook “service httpd stop” --post-hook “service httpd start” >> /var/log/le-renew.log
The webserver is not disabled when cron runs the script.


#9

The pre-hook and post-hook are unnecessary with the renew command if you used them when you issued the cert in the first place.

Yes, it is–the pre-hook shuts down the web server, and the post-hook starts it back up.


#10

Thank you for your hints! I’ll rework my scripts.


#11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.