Letsencrypt-auto does not work anymore

porrier · July 28, 2018, 11:56am

Hello!

I added a subdomain and wanted to renew the certificate with my wrapper.sh but I get:
Skipped user interaction because Certbot doesn’t appear to be running in a terminal. You should probably include --non-interactive or --force-interactive on the command line.

I addes --none-interactive to the script and get:
certbot: error: unrecognized arguments: --none-interactive

My wrapper.sh looks like this:
/usr/local/letsencrypt/letsencrypt-auto --none-interactive --cert-name amimanera.de -d amimanera.de -d conference.amimanera.de -d imap.amimanera.de -d meeting.amimanera.de -d smtp.amim
anera.de -d upload.amimanera.de -d www.amimanera.de -d proxy.amimanera.de --pre-hook “systemctl stop httpd” --post-hook “systemctl start httpd” >> /var/log/le-renew.log

What can I do to get this thing running again?

Kind regards

Andreas

danb35 · July 28, 2018, 11:57am

The argument is --non-interactive, not --none-interactive.

porrier · July 28, 2018, 11:59am

Now I get:

Missing command line flags. For non-interactive execution, you will need to specify a plugin on the command line.

porrier · July 28, 2018, 12:04pm

I want my wrapper to be working again. It so nicely the last time.

_az · July 28, 2018, 12:12pm

Most likely you are missing letsencrypt-auto certonly -a standalone . I don’t see how your command would have succeeded any other way.

danb35 · July 28, 2018, 12:12pm

Your workflow seems odd. The typical way to handle things using certbot is to get a script with a shell command (specifying directories, cert names, pre- and post-hooks, plugins, and all the rest), and then run certbot renew (or letsencrypt-auto renew) daily to handle the renewal. All the options you specify when you obtain the cert are saved, and the renewal applies them. There isn't generally a need to run the whole thing from a script.

As the error tells you, your command is malformed. If you're running certbot with your webserver disabled (why?), you probably would want the "standalone" plugin: letsencrypt-auto standalone --non-interactive --cert-name ...

porrier · July 28, 2018, 12:45pm

This one worked out. Thank you so much!

porrier · July 28, 2018, 12:52pm

But I added a new subdomain and a renewal like my conventional wrapper does not consider this. I used to use:
/usr/local/letsencrypt/letsencrypt-auto renew --pre-hook “service httpd stop” --post-hook “service httpd start” >> /var/log/le-renew.log
The webserver is not disabled when cron runs the script.

danb35 · July 28, 2018, 12:57pm

The pre-hook and post-hook are unnecessary with the renew command if you used them when you issued the cert in the first place.

Yes, it is--the pre-hook shuts down the web server, and the post-hook starts it back up.

porrier · July 28, 2018, 12:59pm

Thank you for your hints! I’ll rework my scripts.

system · August 27, 2018, 12:59pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.