12.04 doesn’t have a version of libaugeas0 that’s recent enough for certbot's apache plugin. You’ll have to stick with the webroot plugin or switch to a more recent version of Ubuntu (>= 14.04).
Upgrading Ubuntu seems like a multi-day or multi-week project. I prefer not to upgrade Ubuntu if I didn’t have to.
Why do I need the apache or webroot plugin?
What are they supposed to do? Can I simply run certbot-auto --renew
How do I use the webroot plugin? Do I run the following?:
$ sudo ./certbot-auto --webroot
If I run certbot-auto --webroot , then will that be good enough before I run certbot-auto --renew ?
Renew uses the same configuration as was done on the initial certificate creation, so you won’t need to specify for renew.
Webroot is a plugin that drops the authorization files into your website root directory and relies on the existing server setup to serve the files over normal HTTP. It also requires that you set up the SSL configuration manually for your system. I personally have my own template and style for configuration, so I use webroot normally.
I ran:
/opt/letsencrypt$ sudo ./certbot-auto renew --dry-run --webroot
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/example.com.conf
-------------------------------------------------------------------------------
2016-07-25 12:26:14,051:WARNING:certbot.renewal:An error occurred while parsing /etc/letsencrypt/renewal/example.com.conf. The error was Too many flags setting configurators/installers/authenticators 'apache' -> 'webroot'. Skipping the file.
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/example.com/fullchain.pem (failure)
Additionally, the following renewal configuration files were invalid:
/etc/letsencrypt/renewal/example.com.conf (parsefail)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
1 renew failure(s), 1 parse failure(s)
What am I doing wrong? What can I try next?
Do you still have the authenticator = apache line in your cli.ini? You’ll have to change that back to webroot now that we know the apache plugin is not available for you.
If the renew command still fails after that, please post the contents of your /etc/letsencrypt/renewal/example.com.conf.
Thanks for pointing that out. I changed it back to authenticator = webroot and now it works.
I ran the following and it worked:
/opt/letsencrypt$ sudo ./certbot-auto renew --webroot
Do I need --webroot ? Can I run just the following?
/opt/letsencrypt$ sudo ./certbot-auto renew
Your /etc/letsencrypt/renewal/example.com.conf file likely has a authenticator = webroot line (or something similar), so you wouldn’t need to use --webroot for the renew command.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.