Problem with renew certificates on CentOs

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
I ran this command:
./certbot-auto renew
It produced this output:
Creating virtual environment…
Installing Python packages…
Had a problem while installing Python packages.

pip prints the following errors:

Collecting ConfigArgParse==1.0 (from -r /tmp/tmp.ZYWjmb4dg5/letsencrypt-auto-requirements.txt (line 12))
Could not fetch URL There was a problem confirming the ssl certificate: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618) - skipping
Could not find a version that satisfies the requirement ConfigArgParse==1.0 (from -r /tmp/tmp.ZYWjmb4dg5/letsencrypt-auto-requirements.txt (line 12)) (from versions: )
No matching distribution found for ConfigArgParse==1.0 (from -r /tmp/tmp.ZYWjmb4dg5/letsencrypt-auto-requirements.txt (line 12))

Certbot has problem setting up the virtual environment.

We were not be able to guess the right solution from your pip

for possible solutions.

My web server is (include version):
The operating system my web server runs on is (include version):

I have upgrade python on 3.6 but that’s still 2.7
Thank you

1 Like

Does this work?

curl -X GET -I
1 Like
HTTP/1.1 301 Redirect to Primary Domain
Connection: close
Content-Length: 122
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
Date: Thu, 02 Jul 2020 12:03:27 GMT
X-Served-By: cache-cdg20750-CDG
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1593691407.446929,VS0,VE0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none

Ok my firewall bloqued !
I make a new rule, and now i have

Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
Cleaning up challenges
Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
1 Like

It’s ok for 2 domains, but one doesn’t want. I have a centreon serveur :

   Type:   unauthorized
   Detail: Invalid response from
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.
1 Like

If you use the standalone authenticator, you must first stop nginx before renewing.

Otherwise, try something like:

certbot renew --nginx --dry-run
1 Like

It’s ok. Can be close :wink:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.