Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
I ran this command:
sudo certbot --nginx -d -d

It produced this output:
An unexpected error occurred:
OpenSSL.SSL.Error: [(‘x509 certificate routines’, ‘X509_load_cert_crl_file’, ‘no certificate or crl found’)]
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version):

nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version):

Ubuntu 20.02

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.40.0

Unstalled certificates:

dpkg -l | grep ca-certificates
ii ca-certificates 20190110ubuntu1.1 all Common CA certificates

full log:

2020-07-08 13:39:19,647:ERROR:certbot.log:An unexpected error occurred:
OpenSSL.SSL.Error: [(‘x509 certificate routines’, ‘X509_load_cert_crl_file’, ‘no certificate or crl found’)]
raise exception_type(errors)
File “/usr/lib/python3/dist-packages/OpenSSL/”, line 54, in exception_from_error_queue
File “/usr/lib/python3/dist-packages/OpenSSL/”, line 776, in load_verify_locations
self.ctx.load_verify_locations(cafile, capath)
File “/usr/lib/python3/dist-packages/urllib3/contrib/”, line 453, in load_verify_locations
context.load_verify_locations(ca_certs, ca_cert_dir)
File "/usr/lib/python3/dist-packages/urllib3/util/ssl
.py", line 336, in ssl_wrap_socket
self.sock = ssl_wrap_socket(
File “/usr/lib/python3/dist-packages/urllib3/”, line 352, in connect
File “/usr/lib/python3/dist-packages/urllib3/”, line 996, in _validate_conn
File “/usr/lib/python3/dist-packages/urllib3/”, line 376, in _make_request
httplib_response = self._make_request(
File “/usr/lib/python3/dist-packages/urllib3/”, line 665, in urlopen
resp = conn.urlopen(
File “/usr/lib/python3/dist-packages/requests/”, line 439, in send
r = adapter.send(request, **kwargs)
File “/usr/lib/python3/dist-packages/requests/”, line 646, in send
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python3/dist-packages/requests/”, line 533, in request
response = self.session.request(method, url, *args, **kwargs)
File “/usr/lib/python3/dist-packages/acme/”, line 1088, in _send_request
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/usr/lib/python3/dist-packages/acme/”, line 1138, in get
directory = messages.Directory.from_json(net.get(server).json())
File “/usr/lib/python3/dist-packages/acme/”, line 808, in init
return acme_client.BackwardsCompatibleClientV2(net, key, config.server)
File “/usr/lib/python3/dist-packages/certbot/”, line 46, in acme_from_config_key
acme = acme_from_config_key(config, key)
File “/usr/lib/python3/dist-packages/certbot/”, line 176, in register
acc, acme = client.register(
File “/usr/lib/python3/dist-packages/certbot/”, line 522, in _determine_account
acc, acme = _determine_account(config)
File “/usr/lib/python3/dist-packages/certbot/”, line 607, in _init_le_client
le_client = _init_le_client(config, authenticator, installer)
File “/usr/lib/python3/dist-packages/certbot/”, line 1125, in run
return config.func(config, plugins)
File “/usr/lib/python3/dist-packages/certbot/”, line 1382, in main
load_entry_point(‘certbot==0.40.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/bin/certbot”, line 11, in
Traceback (most recent call last):
2020-07-08 13:39:19,645:DEBUG:certbot.log:Exiting abnormally:
2020-07-08 13:39:19,639:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1):
2020-07-08 13:39:19,637:DEBUG:acme.client:Sending GET request to
2020-07-08 13:39:09,283:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2020-07-08 13:39:09,283:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7f1852441070> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7f1852441070>
Prep: True
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f1852441070>
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Interfaces: IAuthenticator, IInstaller, IPlugin
Description: Nginx Web Server plugin
2020-07-08 13:39:09,282:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
2020-07-08 13:39:09,148:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2020-07-08 13:39:09,147:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-07-08 13:39:09,147:DEBUG:certbot.log:Root logging level set at 20
2020-07-08 13:39:09,140:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-07-08 13:39:09,140:DEBUG:certbot.main:Arguments: [’–nginx’, ‘-d’, ‘’, ‘-d’, ‘’]
2020-07-08 13:39:09,139:DEBUG:certbot.main:certbot version: 0.40.0

@Dinin i saw you have the same problem. How are you resolved it

1 Like

Hi @pistoletov1974

looks like you have deleted your certificate.


  • restore the certificate using your backup (if you don’t have a backup, that’s the next problem you should fix) (or)
  • install a self signed certificate (or)
  • disable that not working vHost

Thank you, @JuergenAuer
this is a first time getting certificate. And fresh ubuntu install and fresh certbot install. may be i need some extra packages for python?
this is list of commands:
79 sudo apt install certbot python3-certbot-nginx
80 sudo vim /etc/nginx/sites-available/
81 sudo nginx -t
82 sudo certbot --nginx -d -d

i have disable my server block in nginx (sudo rm /etc/nginx/sites-enabled/
but the same error

and if i try simple https connection i got error:

curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs

1 Like

Sorry, false read.


Error: “X509_load_cert_crl_file” when restarting Apache


The following error occurs when restarting an Apache server:

SSL Library Error: 185090057 error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib

Looks like a crl file is missing or has the wrong format.

If you can’t use curl to connect or Letsencrypt, your basic installation is incomplete.



have resolve my problem.
The solution is:
sudo apt remove ca-certificates
sudo apt install ca-certificates
curl -I - work fine!!!
sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d -d


Your idea was good.

Second user with the same problem and the same solution.

Looks like a general problem.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.