No renewals were attempted. no renewal failures

schepens83 · January 1, 2018, 9:38am

Hello

I had a crontab autorenew the certificates, but something went wrong. I'm trying to find out what, but I can't find any useful posts here. Running the command manually gives the same result.

The (crontab) command:
certbot renew --config-dir ~/.certbot/config --logs-dir ~/.certbot/logs --work-dir ~/.certbot/work

Log output:
2018-01-01 09:25:05,844:DEBUG:certbot.main:certbot version: 0.14.2
2018-01-01 09:25:05,844:DEBUG:certbot.main:Arguments: ['--config-dir', '/home/beliep/.certbot/config', '--logs-dir', '/home/beliep/.certbot/logs', '--work-dir', '/home/beliep/.certbot/work', '--force-renewal', '-v']
2018-01-01 09:25:05,845:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-01-01 09:25:05,859:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f614f7b4310> and installer <certbot.cli._Default object at 0x7f614f7b4310>
2018-01-01 09:25:05,859:DEBUG:certbot.cli:Default Detector is Namespace(account=<certbot.cli._Default object at 0x7f614f7afb50>, agree_dev_preview=None, allow_subset_of_names=<certbot.cli._Default object at 0x7f614f7af910>, apache=<certbot.cli._Default object at 0x7f614f7b4bd0>, authenticator=<certbot.cli._Default object at 0x7f614f7b4310>, break_my_certs=<certbot.cli._Default object at 0x7f614f7b4790>, cert_path=<certbot.cli._Default object at 0x7f614f799410>, certname=<certbot.cli._Default object at 0x7f614f7a0d50>, chain_path=<certbot.cli._Default object at 0x7f614f799ad0>, checkpoints=<certbot.cli._Default object at 0x7f614f7a0ad0>, config_dir='/home/beliep/.certbot/config', config_file=None, configurator=<certbot.cli._Default object at 0x7f614f7b4310>, csr=<certbot.cli._Default object at 0x7f614f7a0ed0>, debug=<certbot.cli._Default object at 0x7f614f7b4290>, debug_challenges=<certbot.cli._Default object at 0x7f614f7b4390>, dialog=None, domains=<certbot.cli._Default object at 0x7f614f7a0c50>, dry_run=<certbot.cli._Default object at 0x7f614f7a0e50>, duplicate=<certbot.cli._Default object at 0x7f614f7afc50>, eff_email=<certbot.cli._Default object at 0x7f614f7af290>, email=<certbot.cli._Default object at 0x7f614f7af190>, expand=<certbot.cli._Default object at 0x7f614f7af590>, force_interactive=<certbot.cli._Default object at 0x7f614f7a0b50>, fullchain_path=<certbot.cli._Default object at 0x7f614f799890>, func=<function renew at 0x7f614f88fd70>, hsts=<certbot.cli._Default object at 0x7f614f7afc10>, http01_port=<certbot.cli._Default object at 0x7f614f7b4690>, ifaces=<certbot.cli._Default object at 0x7f614f799090>, init=<certbot.cli._Default object at 0x7f614f7a08d0>, installer=<certbot.cli._Default object at 0x7f614f7b4310>, key_path=<certbot.cli._Default object at 0x7f614f799650>, logs_dir='/home/beliep/.certbot/logs', manual=<certbot.cli._Default object at 0x7f614f7b4ed0>, manual_auth_hook=<certbot.cli._Default object at 0x7f614f7b9150>, manual_cleanup_hook=<certbot.cli._Default object at 0x7f614f7b9290>, manual_public_ip_logging_ok=<certbot.cli._Default object at 0x7f614f7b9390>, must_staple=<certbot.cli._Default object at 0x7f614f7b4990>, nginx=<certbot.cli._Default object at 0x7f614f7b4cd0>, nginx_ctl=<certbot.cli._Default object at 0x7f614f7b95d0>, nginx_server_root=<certbot.cli._Default object at 0x7f614f7b9110>, no_bootstrap=<certbot.cli._Default object at 0x7f614f7aff50>, no_self_upgrade=<certbot.cli._Default object at 0x7f614f7afe50>, no_verify_ssl=<certbot.cli._Default object at 0x7f614f7b4490>, noninteractive_mode=<certbot.cli._Default object at 0x7f614f7a0a50>, num=<certbot.cli._Default object at 0x7f614f791c90>, os_packages_only=<certbot.cli._Default object at 0x7f614f7afd50>, post_hook=<certbot.cli._Default object at 0x7f614f791150>, pre_hook=<certbot.cli._Default object at 0x7f614f803ed0>, pref_challs=<certbot.cli._Default object at 0x7f614f803c50>, prepare=<certbot.cli._Default object at 0x7f614f7a0590>, quiet=<certbot.cli._Default object at 0x7f614f7b4090>, reason=<certbot.cli._Default object at 0x7f614f7a0cd0>, redirect=<certbot.cli._Default object at 0x7f614f7affd0>, register_unsafely_without_email=<certbot.cli._Default object at 0x7f614f7a0f50>, reinstall=<certbot.cli._Default object at 0x7f614f7af490>, renew_by_default=True, renew_hook=<certbot.cli._Default object at 0x7f614f791450>, renew_with_new_domains=<certbot.cli._Default object at 0x7f614f7af810>, rsa_key_size=<certbot.cli._Default object at 0x7f614f7b4890>, server=<certbot.cli._Default object at 0x7f614f7b4510>, staging=<certbot.cli._Default object at 0x7f614f7b4190>, standalone=<certbot.cli._Default object at 0x7f614f7b4dd0>, standalone_supported_challenges=<certbot.cli._Default object at 0x7f614f7b96d0>, staple=<certbot.cli._Default object at 0x7f614f7af450>, strict_permissions=<certbot.cli._Default object at 0x7f614f803bd0>, text_mode=<certbot.cli._Default object at 0x7f614f7a0950>, tls_sni_01_port=<certbot.cli._Default object at 0x7f614f7b4590>, tos=<certbot.cli._Default object at 0x7f614f7afa50>, uir=<certbot.cli._Default object at 0x7f614f7af7d0>, update_registration=<certbot.cli._Default object at 0x7f614f7af090>, user_agent=<certbot.cli._Default object at 0x7f614f791ed0>, validate_hooks=<certbot.cli._Default object at 0x7f614f791650>, verb='renew', verbose_count=True, webroot=<certbot.cli._Default object at 0x7f614f7b4fd0>, webroot_map=<certbot.cli._Default object at 0x7f614f7b98d0>, webroot_path=<certbot.cli._Default object at 0x7f614f7b94d0>, work_dir='/home/beliep/.certbot/work')
2018-01-01 09:25:05,867:DEBUG:certbot.log:Root logging level set at 10
2018-01-01 09:25:05,867:INFO:certbot.log:Saving debug log to /home/beliep/.certbot/logs/letsencrypt.log
2018-01-01 09:25:05,868:DEBUG:certbot.renewal:no renewal failures

The certificates seem not to have updated. (crt.sh | www.picture-scraps.com)

I followed advice in this post:

But I did not move the folder as was the case in that post. Content of the folder is:
www.picture-scraps.com.conf

Hope anyone can point me in the right direction?
Thx!

schoen · January 2, 2018, 3:05am

Hi @schepens83,

What do you get from running certbot certificates?

schepens83 · January 2, 2018, 8:04am

Hi Schoen

It says:

Found the following certs:
Certificate Name: www.picture-scraps.com
Domains: www.picture-scraps.com www.poesieplaatjes.nl
Expiry Date: 2017-12-30 11:12:33+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/www.picture-scraps.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.picture-scraps.com/privkey.pem

schoen · January 2, 2018, 5:34pm

And what’s the output from certbot renew?

schoen · January 2, 2018, 5:35pm

It might be a problem about overriding the directories to use ~/.certbot instead of /etc/letsencrypt because your existing certificate (or at least one version of it) is in /etc/letsencrypt. But I’m not very sure of this hypothesis.

schepens83 · January 3, 2018, 10:30am

That seems to work!

Output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/www.picture-scraps.com.conf

Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for www.picture-scraps.com
tls-sni-01 challenge for www.poesieplaatjes.nl
nginx: [warn] duplicate MIME type “text/html” in /etc/nginx/nginx.conf:57
Waiting for verification…
Cleaning up challenges
nginx: [warn] duplicate MIME type “text/html” in /etc/nginx/nginx.conf:55
nginx: [warn] duplicate MIME type “text/html” in /etc/nginx/nginx.conf:55

new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/www.picture-scraps.com/fullchain.pem

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/www.picture-scraps.com/fullchain.pem (success)

I don’t see a new update here, but that might have some delay.

How can I ensure the next renewal goes well via crontab? Leave out all the flags in the command? I’m not entirely sure why I put them in in the first place, but I think it had something to do with running it via crontab. Must have followed an online tutorial somewhere…

schoen · January 3, 2018, 5:16pm

Yes, if it worked without those flags, I’d suggest removing them in your cron job too.

system · February 2, 2018, 5:16pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Automated renewal of cert fails Help	11	6777	March 23, 2017
Failed to autorenew from cron - Could not find a usable 'nginx' binary Help	3	5778	October 24, 2019
Auto-renewal debugging, any official guide? Help	3	1457	January 13, 2017
Certbot Renew Fails when in Crontab but not when typed in? Help	2	2365	May 28, 2019
Certbot command fails from cronjob, but works fine when I run it manually Help	9	1843	May 28, 2021

No renewals were attempted. no renewal failures

Related topics