Migrating from old letsencrypt to new certbot at UBUNTU

My decision was to abandon (the old and problematic) letsencript and adopt the new certbot (see use of PPA below)… It is a kind of migration. At this moment my old letsencrypt DNS CAA certificates expired (=no) and rest (trusted=yes) will expire in few days.

In this context, ideal is to maintain certificates, only renew it. The simplest standard procedure sudo certbot renew fails,

Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/xxxxx.org.conf
-------------------------------------------------------------------------------
Renewal configuration file /etc/letsencrypt/renewal/xxxxx.org.conf 
 produced an unexpected error: 
 'Namespace' object has no attribute 'apache_enmod'. Skipping.

No renewals were attempted.

Additionally, the following renewal configuration files were invalid: 
  /etc/letsencrypt/renewal/xxxxx.org.conf (parsefail)
0 renew failure(s), 1 parse failure(s)

What the correct procedure?

As I say, “ideal is to maintain certificates”… if impossible, other solution (?) is completely-reinstall-lets-encrypt-delete, but the context here is different and I can’t wayt more than 1 day to renew.

History

There are some problems with certbot at standard UBUNTU, but finally I am using “all standard and secure” with certbot,

• supposing Certbot PPA (semi-official) will be official.
• supposing “could be used with some caution” is today “no problem”, so using this endorsement.

----yellowtown.org.conf.txt (2.5 KB)

Can you post the contents of the .conf file that failed to parse? It might be possible to edit that and remove some of the extraneous information; then it will probably work correctly.

Hi @schoen, thanks the help. Ok, I posted the contents, see yellowtown.org.conf.txt.

Cool. This does seem to be a problem of a renewal configuration file created with one version and used with another. Could you try replacing it with this version? I tried to remove the items that would be unnecessary.

yellowtown.org.conf.txt (383 Bytes)

Nos últimos dias apareceram várias pessoas no fórum pedindo ajuda com seus sites hospedados no Brasil. Tem alguma idéia porque a índice de problemas (e, imagino, de uso) de Let’s Encrypt surgiu ultimamente? Aconteceu algo importante em relação ao HTTPS no Brasil?

Thanks @schoen! You simpliyed a lot the .conf file, this is a good tip for others that need to migrate. Now is running. Migration complete!

About Brazilians using (good!), is interesting to check statistics of new domains, and history of average prices of traditional HTTPS services… Only a guess… If new domains, current recession enforced unemployed people to be freelance, so they buy a domain, that is the cheapest way to build a brand… By other hand, “corruption perception” in our telecommunications-industry (scandals in the current recession) also make migration from payed to HTTPS free services, not make sense use “secure services” from corrupt big-companies

We can help all new Brazilians, by a Fast Guide, and I can translate it to portuguese (pt-BR).