Letsencrypt-auto does not work anymore


I added a subdomain and wanted to renew the certificate with my wrapper.sh but I get:
Skipped user interaction because Certbot doesn’t appear to be running in a terminal. You should probably include --non-interactive or --force-interactive on the command line.

I addes --none-interactive to the script and get:
certbot: error: unrecognized arguments: --none-interactive

My wrapper.sh looks like this:
/usr/local/letsencrypt/letsencrypt-auto --none-interactive --cert-name amimanera.de -d amimanera.de -d conference.amimanera.de -d imap.amimanera.de -d meeting.amimanera.de -d smtp.amim
anera.de -d upload.amimanera.de -d www.amimanera.de -d proxy.amimanera.de --pre-hook “systemctl stop httpd” --post-hook “systemctl start httpd” >> /var/log/le-renew.log

What can I do to get this thing running again?

Kind regards


The argument is --non-interactive, not --none-interactive.

Now I get:

Missing command line flags. For non-interactive execution, you will need to specify a plugin on the command line.

I want my wrapper to be working again. It so nicely the last time.

Most likely you are missing letsencrypt-auto certonly -a standalone . I don’t see how your command would have succeeded any other way.

Your workflow seems odd. The typical way to handle things using certbot is to get a script with a shell command (specifying directories, cert names, pre- and post-hooks, plugins, and all the rest), and then run certbot renew (or letsencrypt-auto renew) daily to handle the renewal. All the options you specify when you obtain the cert are saved, and the renewal applies them. There isn't generally a need to run the whole thing from a script.

As the error tells you, your command is malformed. If you're running certbot with your webserver disabled (why?), you probably would want the "standalone" plugin: letsencrypt-auto standalone --non-interactive --cert-name ...

This one worked out. Thank you so much!

But I added a new subdomain and a renewal like my conventional wrapper does not consider this. I used to use:
/usr/local/letsencrypt/letsencrypt-auto renew --pre-hook “service httpd stop” --post-hook “service httpd start” >> /var/log/le-renew.log
The webserver is not disabled when cron runs the script.

The pre-hook and post-hook are unnecessary with the renew command if you used them when you issued the cert in the first place.

Yes, it is--the pre-hook shuts down the web server, and the post-hook starts it back up.

Thank you for your hints! I’ll rework my scripts.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.