Parse renewal config with older version


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: se-board.com + others

I ran this command: sudo certbot renew

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/se-board.com.conf
-------------------------------------------------------------------------------
Attempting to parse the version 0.30.0 renewal configuration file found at /etc/letsencrypt/renewal/se-board.com.conf with version 0.23.0 of Certbot. This might not work.
Cert not yet due for renewal

My web server is (include version): No webserver

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No via ssh

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.23.0


#2

Hi @Jinx13

checking your domain - the domain is completely invisible, only timeouts ( https://check-your-website.server-daten.de/?q=se-board.com )

Domainname Http-Status redirect Sec. G
http://se-board.com/
104.27.142.137 -14 10.024 T
Timeout - The operation has timed out
http://se-board.com/
104.27.143.137 -14 10.027 T
Timeout - The operation has timed out
http://se-board.com/
2606:4700:30::681b:8e89 -14 10.037 T
Timeout - The operation has timed out
http://se-board.com/
2606:4700:30::681b:8f89 -14 10.030 T
Timeout - The operation has timed out

– Skipped the other checks –

But your last certificate is a valid wildcard certificate

CRT-Id Issuer not before not after Domain names LE-Duplicate next LE
1220796557 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-02-20 15:12:05 2019-05-21 14:12:05 *.se-board.com, se-board.com

you can use 2019-05-21.

Do you want to renew that certificate? -> dns-01 validation is required.

  • Make a backup of the not working config file
  • Delete it
  • use
certbot -d *.se-board.com -d se-board.com

then Certbot should ask and create a new config file.

Same with your other domains.


#3

Thank you I should have been clearer. The server is used as a mail server and does not have a webserver.

I validate with the cloudflare DNS plugin. So are you saying when the certificate does renew then a new config file will be created?


#4

Yes. That shouldn’t be a problem. You have to use one time per certificate the complete command (with the list of domain names per certificate).

But that’s an one-time-thing.