Letsencrypt-auto renew occurs error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
letsencrypt-auto renew

It produced this output:

My web server is (include version):
apache2

The operating system my web server runs on is (include version):
ubuntu-14.04-64-server

My hosting provider, if applicable, is:
Ncloud

I can login to a root shell on my machine (yes or no, or I donโ€™t know):
yes

Iโ€™m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

Hi @asnike

your domain works with http / https, the certificate is created today with the two standard domain names

DNS-Name: notefolio.net
DNS-Name: www.notefolio.net

So it looks that you have fixed the timeout error of your tls-sni-01 - validation.

There are already two certificates created today:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:www.notefolio.net;issuer_uid:4428624498008853827&lu=cert_search

You can create max. 5 certificates, then you must wait one week.

Additional: The tls-sni-01 - validation is deprecated. So try to use (your server sends apache header)

letsencrypt-auto renew --apache

to use your existing webserver. And you may add a redirect http -> https.

Hoping not to hijack a thread but this actually helped me with a similar problem but my mail server uses nginx for the webmail options. My auto renew shell was working in July but no more. I changed:
./certbot-auto --config /etc/letsencrypt/configs/my_real_domain.conf certonly (where my_real_domain is replaced with my actual domain)

To:
./letsencrypt-auto renew --nginx and it works now.

Of course I use these same certs in /etc/letsencrypt for dovecot and webmin as well as nginx. This changed way knows where the config file is.

I was dismayed when I opened my email client and got the cert warning. The cron driven update script tried to run on the 1st but it failed and I did not know it. Thanks!

1 Like

@dwstudeman, the recommended form is just ./certbot-auto renew. All of the other associated information for all certificates should be saved automatically and used for the renewal process.

OK, I see now, ./certbot-auto renew is all I needed on my update script. I tested and it does indeed work without all the other stuff. My original certonly flag probably did not help.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.