My let's Encrypt expired. How to renew?

Hi Sirs,

The let's encrypt certificate was expired 31 july 2021. How can I renew the certificate? When I try with this

sudo certbot --apache -d exampledomain.com -d www.exampledomain.com

I got this error

Attempting to renew cert (exampledomain) from /etc/letsencrypt/renewal/exampledomain.conf produced an unexpected error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/exampledomain/fullchain.pem (failure)

Please help me to answer all Sirs.

Thanks. How can I renew? Thanks.

2 Likes

Can you make sure your version of certbot is update to date and confirm which version you are using?

3 Likes

Hi Sir my version is 0.22.2. Do I need to upgrade?

2 Likes

Yes, that's from March 2018. I'm not an expert on certbot versions but I do think you should upgrade.

3 Likes

Hi,

Let me know the command to upgrade the certbot. I am not familiar with command.

Thanks.

3 Likes

Sorry I don't know the commands for your operating system (or how you installed it etc). General instructions are at https://certbot.eff.org/

3 Likes

Hi,

I still got this error.

Attempting to renew cert (lightyears-comm.com) from /etc/letsencrypt/renewal/lightyears-comm.com.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: ACMEv1 is deprecated and you can no longer get certificates from this endpoint. Please use the ACMEv2 endpoint, you may need to update your ACME client software to do so. Visit End of Life Plan for ACMEv1 - #27 by jillian for more information.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/lightyears-comm.com/fullchain.pem (failure)

Please help me.

Thanks.

2 Likes

Which version of certbot are you on now? As the error mentions ACME v1 has been retired a while ago.

Which OS version are you on?

There was good form you can fill out when you start a new post for help, it has all the usual questions you need to answer for people to be able to help you.

2 Likes

Hi Sir

The current version of certbot version is 0.22.2 and then it is ubuntu 16.04.

Whatever I run this command line that I got above error "sudo apt install --only-upgrade certbot".

Thanks.

2 Likes

Ok, the version of certbot that's distributed through apt is very old, to proceed I believe the best (most supported) course of action is to install snap, uninstall older versions of certbot then use the newer snap distribution of certbot. Here are the instructions for your platform (Apache and Ubuntu 16.04: Certbot - Ubuntuxenial Apache). I can't advise on any other aspects of the upgrade but I'd suggest working on a snapshot clone of your system before you do the real upgrade, if you can.

Your Ubuntu version is also very old (2016) so you should consider how you are going to migrate your websites to a newer operating system before it stops receiving security updates etc. I believe that version is already out of support for users who don't have an extended agreement with Ubuntu.

2 Likes

Hi Sir,

I solved it out by using this command "sudo certbot --server https://acme-v02.api.letsencrypt.org/directory" .

Thanks for your advice. Have a nice day! :slightly_smiling_face:

1 Like

Sorry, that's a risky hack, not a solution. I don't want future readers to be confused by this approach.

1 Like

Sorry Sir, I am not perfect and I am not saying that this is a good solution for everyone. This depends what I melt my problem on my end. This command can solved out only my problem. I hope you can understand.

Thanks.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.