I have had problems renewing the certificates for my domain and subdomains.
I run OMV5 with NGINX and I have subdomains for wordpress, Airsonic, Netdata, pwndrop etc.
Renewing is same problem on all domains and subdomains.
From NGINX I get "internal error" no matter what I do and same error in the NGINX log as described below.
I am NOT a power user but i'll manage...
I have had this problem since 2 months. Had not had the time to fix it since it's not critical.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I've had my server up and running about 1.5 years without problems. The autorenew function has had problems on some occasions but now I can't even manually update certificates.
I haven't done any changes to the domain or Cloudflare.
Looks like all config and certificates has disappeared but how can that be and why can't I create new ones? I have also tried creating new ones instead of renewing but same error message appear. Will a fresh install om NGINX help you think?
I've already tried that. I deleted and got a new but no luck =(
at ChildProcess.exithandler (child_process.js:308:12)
at ChildProcess.emit (events.js:314:20)
at maybeClose (internal/child_process.js:1022:16)
at Socket.<anonymous> (internal/child_process.js:444:11)
at Socket.emit (events.js:314:20)
at Pipe.<anonymous> (net.js:675:12)
[9/23/2021] [7:58:03 PM] [SSL ] › info Renewing SSL certs close to expiry...
[9/23/2021] [8:03:46 PM] [SSL ] › error Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation
Failed to renew certificate npm-16 with error: Some challenges have failed.
Failed to renew certificate npm-17 with error: Some challenges have failed.
Failed to renew certificate npm-20 with error: Some challenges have failed.
Failed to renew certificate npm-21 with error: Some challenges have failed.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/npm-16/fullchain.pem (failure)
/etc/letsencrypt/live/npm-17/fullchain.pem (failure)
/etc/letsencrypt/live/npm-20/fullchain.pem (failure)
/etc/letsencrypt/live/npm-21/fullchain.pem (failure)
4 renew failure(s), 0 parse failure(s)
at ChildProcess.exithandler (child_process.js:308:12)
at ChildProcess.emit (events.js:314:20)
at maybeClose (internal/child_process.js:1022:16)
at Socket. (internal/child_process.js:444:11)
at Socket.emit (events.js:314:20)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
[9/23/2021] [8:46:38 PM] [Nginx ] › info Reloading Nginx
[9/23/2021] [8:46:40 PM] [Nginx ] › info Reloading Nginx
I've tried that as well. The other day i'v even tried getting a cloudflkare cert with 15years of expiry time...so I guess the problem is not in the Certbot but somewhere elsa... still clueless
When I visit your site with a browser I get an "Error 1020" from Cloudflare. These are not related to certificates but to firewall settings. I got the same msg with music.brynare.com and drop.brynare.com.
Further, using openssl I see your server sends the Cloudflare cert you got in June which is good thru Jun 2022. I don't see that your past Lets Encrypt certificates are being used.
See this Cloudflare community topic to fix the 1020 message: