The renewal command is built into Alma 8.6. Where would I find it?
The only log I have is Logwatch
Which log should I be looking at?
Is there any way to improve the letsencrypt detail delivered by Logwatch?
I ran certbot renew
[root@alma-86 ~]# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/corp.networkingtechnology.org.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Failed to renew certificate corp.networkingtechnology.org with error: Account at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/90eb7ed71db53fd117f72c0855591879 does not exist
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/support.corp.networkingtechnology.org.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/writers.corp.networkingtechnology.org.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certificates are not due for renewal yet:
/etc/letsencrypt/live/support.corp.networkingtechnology.org/fullchain.pem expires on 2022-12-24 (skipped)
/etc/letsencrypt/live/writers.corp.networkingtechnology.org/fullchain.pem expires on 2022-11-19 (skipped)
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/corp.networkingtechnology.org/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
[root@alma-86 ~]#
Here is the complete logfile for 27/09/2022
2022-09-27 09:44:59,255:DEBUG:certbot._internal.main:certbot version: 1.22.0
2022-09-27 09:44:59,258:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2022-09-27 09:44:59,258:DEBUG:certbot._internal.main:Arguments: []
2022-09-27 09:44:59,259:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-09-27 09:44:59,302:DEBUG:certbot._internal.log:Root logging level set at 30
2022-09-27 09:44:59,305:DEBUG:certbot._internal.display.obj:Notifying user: Processing /etc/letsencrypt/renewal/corp.networkingtechnology.org.conf
2022-09-27 09:44:59,348:DEBUG:certbot._internal.plugins.selection:Requested authenticator <certbot._internal.cli.cli_utils._Default object at 0x7f391d3a4c50> and installer <certbot._internal.cli.cli_utils._Default object at 0x7f391d3a4c50>
2022-09-27 09:44:59,391:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80
2022-09-27 09:44:59,437:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503
2022-09-27 09:44:59,439:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/corp.networkingtechnology.org/cert1.pem is signed by the certificate's issuer.
2022-09-27 09:44:59,445:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/corp.networkingtechnology.org/cert1.pem is: OCSPCertStatus.GOOD
2022-09-27 09:44:59,450:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2022-10-08 19:39:36 UTC.
2022-09-27 09:44:59,450:INFO:certbot._internal.renewal:Certificate is due for renewal, auto-renewing...
2022-09-27 09:44:59,450:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-09-27 09:44:59,596:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.37
2022-09-27 09:44:59,978:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_fedora.FedoraConfigurator object at 0x7f391d329f98>
Prep: True
2022-09-27 09:44:59,982:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_fedora.FedoraConfigurator object at 0x7f391d329f98>
Prep: True
2022-09-27 09:44:59,982:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_fedora.FedoraConfigurator object at 0x7f391d329f98> and installer <certbot_apache._internal.override_fedora.FedoraConfigurator object at 0x7f391d329f98>
2022-09-27 09:44:59,983:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2022-09-27 09:44:59,983:ERROR:certbot._internal.renewal:Failed to renew certificate corp.networkingtechnology.org with error: Account at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/90eb7ed71db53fd117f72c0855591879 does not exist
2022-09-27 09:44:59,985:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 1439, in renew_cert
le_client = _init_le_client(config, auth, installer)
File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 788, in _init_le_client
acc, acme = _determine_account(config)
File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 688, in _determine_account
acc = account_storage.load(config.account)
File "/usr/lib/python3.6/site-packages/certbot/_internal/account.py", line 247, in load
return self._load_for_server_path(account_id, self.config.server_path)
File "/usr/lib/python3.6/site-packages/certbot/_internal/account.py", line 218, in _load_for_server_path
prev_loaded_account = self._load_for_server_path(account_id, prev_server_path)
File "/usr/lib/python3.6/site-packages/certbot/_internal/account.py", line 228, in _load_for_server_path
"Account at %s does not exist" % account_dir_path)
certbot.errors.AccountNotFound: Account at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/90eb7ed71db53fd117f72c0855591879 does not exist
2022-09-27 09:44:59,986:DEBUG:certbot._internal.display.obj:Notifying user: Processing /etc/letsencrypt/renewal/support.corp.networkingtechnology.org.conf
2022-09-27 09:45:00,029:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80
2022-09-27 09:45:00,067:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503
2022-09-27 09:45:00,070:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/support.corp.networkingtechnology.org/cert2.pem is signed by the certificate's issuer.
2022-09-27 09:45:00,071:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/support.corp.networkingtechnology.org/cert2.pem is: OCSPCertStatus.GOOD
2022-09-27 09:45:00,073:DEBUG:certbot._internal.display.obj:Notifying user: Certificate not yet due for renewal
2022-09-27 09:45:00,074:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-09-27 09:45:00,080:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_fedora.FedoraConfigurator object at 0x7f391d3294e0>
2022-09-27 09:45:00,081:DEBUG:certbot.plugins.storage:Plugin storage file /etc/letsencrypt/.pluginstorage.json was empty, no values loaded
2022-09-27 09:45:00,081:DEBUG:certbot._internal.display.obj:Notifying user: Processing /etc/letsencrypt/renewal/writers.corp.networkingtechnology.org.conf
2022-09-27 09:45:00,120:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80
2022-09-27 09:45:00,159:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503
2022-09-27 09:45:00,161:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/writers.corp.networkingtechnology.org/cert1.pem is signed by the certificate's issuer.
2022-09-27 09:45:00,162:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/writers.corp.networkingtechnology.org/cert1.pem is: OCSPCertStatus.GOOD
2022-09-27 09:45:00,163:DEBUG:certbot._internal.display.obj:Notifying user: Certificate not yet due for renewal
2022-09-27 09:45:00,165:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-09-27 09:45:00,171:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_fedora.FedoraConfigurator object at 0x7f391ccc2be0>
2022-09-27 09:45:00,172:DEBUG:certbot.plugins.storage:Plugin storage file /etc/letsencrypt/.pluginstorage.json was empty, no values loaded
2022-09-27 09:45:00,172:DEBUG:certbot._internal.display.obj:Notifying user:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2022-09-27 09:45:00,173:DEBUG:certbot._internal.display.obj:Notifying user: The following certificates are not due for renewal yet:
2022-09-27 09:45:00,173:DEBUG:certbot._internal.display.obj:Notifying user: /etc/letsencrypt/live/support.corp.networkingtechnology.org/fullchain.pem expires on 2022-12-24 (skipped)
/etc/letsencrypt/live/writers.corp.networkingtechnology.org/fullchain.pem expires on 2022-11-19 (skipped)
2022-09-27 09:45:00,173:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed:
2022-09-27 09:45:00,173:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/corp.networkingtechnology.org/fullchain.pem (failure)
2022-09-27 09:45:00,174:DEBUG:certbot._internal.display.obj:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2022-09-27 09:45:00,174:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==1.22.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3.6/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 1632, in main
return config.func(config, plugins)
File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 1518, in renew
renewal.handle_renewal_request(config)
File "/usr/lib/python3.6/site-packages/certbot/_internal/renewal.py", line 512, in handle_renewal_request
len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2022-09-27 09:45:00,175:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s)