My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Plesk (letsencrypt on this Pleskversion is no longer functioning)
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.31.0
Hi, in the past i produced certificates manually that i uploaded to the server. In the meantime i have changed from a textfile to a DNS-Record for the validation.
Because i now am in an awkward position that Hosteurope will not support the Install i would like to produce the certificates manually again to upload them, we will renew the server very soon but for now i need to produce certificates.
Should i try this on an ubuntu system with version 18.04? My laptop has a newer version of Ubuntu.
Could this be caused by old files in .well-known/acme-challenge/ where there are several textfiles.
I ran this without --standalone, then i get a question apache/nginx/standalone where i answered with standalone.
I have stopped nginx and apache because with those active it will not work (port 80 is occupied), and in the past i used --standalone to get the certificate-files on my local machine.
I have the idea that certbot cannot find a "fitting" textfile because i used the dns-record, is there a way to produce a fitting textfile manually?
Your DNS has both an A and AAAA record for IPv4 and IPv6. Connections using IPv6 fail with a timeout. Let's Encrypt servers favor IPv6 so you should correct your IPv6 or remove the AAAA record from your DNS.
Also see Let's Debug test site for info (link here)
I will try the several options, first de-activate IPv6.
The installation with snap is an idea but i am about to get e new PC where i will run Kubuntu 22.04 together with Windows 11 professional. The 9th a hospitalisation and an operation broke my planning ;-(.
I remember that when i used this a few years ago i got an acme-challenge-string presented that i had to copy in a file in the directory on the server so the domain was authorised and the certificates were produced on my local machine. I then copied them on the server.
What _az describes is best. But, the process you used "a few years ago" sounds like a manual request. The command in your first post did not use the correct format for that. See the below topic for the proper format (basically, leave off --standalone and use --manual with two leading dashes)
when i look at the certificate for bkf95.eu with Firefox ist says the certificate is valid to Thu, 30 Mar 2023.
When i lokk with DNSLytics i see the correct IPv4 and IPv6 addresses through which the domain resolves.
So, deleting the IPv6 records, then run the renewal for the certificate with plesk and afterwards put the IPv6 records back in the DNS solves my problem for now.
The cause, a server that is too old, must be solved within the coming 3 month's. I have already a Server with Ubuntu 22.04 where i am testing. A server that was new installed does not have trouble running certbot, i already have done that 3 times.
I do thank you for the trouble you took and for giving me the solution to solve my (temporarily problem).