OpenSSL Error x509

Help
1

Error:
OpenSSL.SSL.Error: [(‘x509 certificate routines’, ‘X509_load_cert_crl_file’, ‘no certificate or crl found’)]
2020-05-23 11:49:57,206:ERROR:certbot.log:An unexpected error occurred:

My domain is:
vtt.donnerstein.de
I ran this command:
sudo certbot --nginx
It produced this output:
OpenSSL.SSL.Error: [(‘x509 certificate routines’, ‘X509_load_cert_crl_file’, ‘no certificate or crl found’)]
2020-05-23 11:49:57,206:ERROR:certbot.log:An unexpected error occurred:
My web server is (include version):
nginx
The operating system my web server runs on is (include version):
ubuntu 20.04 lts
My hosting provider, if applicable, is:
my own (domain is hosted allinkl.com)
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
Certbot 0.40.0

1 Like
2

Can you post the rest of the traceback? If Certbot didn’t display it, it should be logged in /var/log/letsencrypt/.

1 Like
3

2020-05-23 11:49:46,259:DEBUG:certbot.main:certbot version: 0.40.0
2020-05-23 11:49:46,259:DEBUG:certbot.main:Arguments: [’–nginx’]
2020-05-23 11:49:46,260:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-05-23 11:49:46,290:DEBUG:certbot.log:Root logging level set at 20
2020-05-23 11:49:46,291:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-05-23 11:49:46,292:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2020-05-23 11:49:46,749:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7efd7da72820>
Prep: True
2020-05-23 11:49:46,752:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7efd7da72820> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7efd7da72820>
2020-05-23 11:49:46,752:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2020-05-23 11:49:57,137:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2020-05-23 11:49:57,143:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2020-05-23 11:49:57,196:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.40.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1382, in main
return config.func(config, plugins)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1125, in run
le_client = _init_le_client(config, authenticator, installer)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 607, in _init_le_client
acc, acme = _determine_account(config)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 522, in _determine_account
acc, acme = client.register(
File “/usr/lib/python3/dist-packages/certbot/client.py”, line 176, in register
acme = acme_from_config_key(config, key)
File “/usr/lib/python3/dist-packages/certbot/client.py”, line 46, in acme_from_config_key
return acme_client.BackwardsCompatibleClientV2(net, key, config.server)
File “/usr/lib/python3/dist-packages/acme/client.py”, line 808, in init
directory = messages.Directory.from_json(net.get(server).json())
File “/usr/lib/python3/dist-packages/acme/client.py”, line 1138, in get
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/usr/lib/python3/dist-packages/acme/client.py”, line 1088, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 533, in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 646, in send
r = adapter.send(request, **kwargs)
File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 439, in send
resp = conn.urlopen(
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 665, in urlopen
httplib_response = self._make_request(
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 376, in _make_request
self._validate_conn(conn)
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 996, in validate_conn
conn.connect()
File “/usr/lib/python3/dist-packages/urllib3/connection.py”, line 352, in connect
self.sock = ssl_wrap_socket(
File "/usr/lib/python3/dist-packages/urllib3/util/ssl.py", line 336, in ssl_wrap_socket
context.load_verify_locations(ca_certs, ca_cert_dir)
File “/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py”, line 453, in load_verify_locations
self._ctx.load_verify_locations(cafile, capath)
File “/usr/lib/python3/dist-packages/OpenSSL/SSL.py”, line 776, in load_verify_locations
_raise_current_error()
File “/usr/lib/python3/dist-packages/OpenSSL/_util.py”, line 54, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [(‘x509 certificate routines’, ‘X509_load_cert_crl_file’, ‘no certificate or crl found’)]
2020-05-23 11:49:57,206:ERROR:certbot.log:An unexpected error occurred:

1 Like
4

Looks like it’s unable to find your system’s root certificate trust store.

Is the ca-certificates package installed?

1 Like
5

I didn´t do it my self

6

But is it installed?

dpkg -l ca-certificates

1 Like
7

I think it`s not:

Gewünscht=Unbekannt/Installieren/R=Entfernen/P=Vollständig Löschen/Halten
| Status=Nicht/Installiert/Config/U=Entpackt/halb konFiguriert/
Halb installiert/Trigger erWartet/Trigger anhängig
|/ Fehler?=(kein)/R=Neuinstallation notwendig (Status, Fehler: GROSS=schlecht)
||/ Name Version Architektur Beschreibung
++±===============-===============-============-=================================
ii ca-certificates 20190110ubuntu1 all Common CA certificates

1 Like
8

ok the problem is resolved.

I install the CA.

Thanks

1 Like
9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.