Nginx Let's Encrypt Cert expired and cannot renew or create new

Mdenton342 · July 11, 2024, 10:47pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: node.knowltonmc.org

I ran this command: certbot renew

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/node.knowltonmc.org.conf

Renewing an existing certificate for node.knowltonmc.org
Failed to renew certificate node.knowltonmc.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.

My web server is (include version): nginx/1.22.1

The operating system my web server runs on is (include version): Debian 6.1.76-1

My hosting provider, if applicable, is: Hetzner

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no (had Pterodactyl setup for game server management, but due to node.knowltonmc.org cert no longer working, Pterodactyl cannot be reached via Web)

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.1.0

Bruce5051 · July 11, 2024, 10:56pm

Hello @Mdenton342, welcome to the Let's Encrypt community.

What process do you presently have bind to TCP Port 80?
Can you stop that process?

Edit:
I tend to think that nginx/1.22.1 is binding to Port 80

$ curl -i http://node.knowltonmc.org/.well-known/acme-challenge/sometestfile
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Thu, 11 Jul 2024 22:58:21 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

Please try rerunning with sudo certbot renew -vvv for increased verbosity.

Mdenton342 · July 11, 2024, 11:14pm

That looks like it did the trick, maybe this time I'll remember to setup auto renew. Thanks for the help!

Bruce5051 · July 11, 2024, 11:16pm

You are welcome @Mdenton342,
have a pleasant day.

Osiris · July 12, 2024, 5:27am

Or change the currently used standalone authenticator plugin to e.g. the nginx plugin?

system · August 11, 2024, 5:28am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
UBUNTU - certbot cant renew cant bind to port 80 Help	2	717	February 4, 2022
Nginx problem binding to port 80 Help	3	8609	March 1, 2019
Unable to auto renew LetsEncrypt Certificate for 4 years due to Nginx running Help	28	1257	February 9, 2024
Can not renew let's encrypt cert Help	14	1263	June 18, 2019
Renew My certificate Help	6	3767	July 28, 2019

Nginx Let's Encrypt Cert expired and cannot renew or create new

Related topics