Problem with renew wildcard certificate


#1

Hello,

I am trying wildcard certificate and I am thinking about renew. As I read on this forum, I successfuly created certificates with certbot (0.22.2) with command:
certbot certonly --manual -d ‘*.domain.cz’ -d domain.cz --agree-tos --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory

But how I can renew certificate. If I try certbot renew --dry-run I of course got error:
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.

Is there any other possibility than rerun certbot certonly command?

Thank you
D


#2

Hi @darius1706,

certbot renew is incompatible with --manual unless you supply an authentication script. This is because certbot renew is designed to be completely non-interactive and can’t pause or ask you to do something. (It’s meant to be run primarily from crontab files, which have no mechanism to interact with the user, and to work properly even for hundreds of separate certificates.) If you use --manual without an authentication hook script, the renewal process would require human interaction.

So you need to either write a script that can perform the authentication step, or switch to a different plugin that implements an API for your DNS provider, or rerun certbot certonly in order to renew.


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.