Can you attach the dump here? It seems like you only posted the filesizes and filenames, not the actual file.
2 Likes
capturing "certbot renew --dry-run" with
tcpdump host acme-staging-v02.api.letsencrypt.org -vvv -w dump2.pcap
After seeing the error I interrupted certbot.
All packets were captured, nothing dropped.
dump2.pcap (321.1 KB)
1 Like
I ran the following script x 3 times on different days.
#!/bin/sh
for i in $(seq 1 50)
do
certbot renew --cert-name carvaka.de --dry-run
sleep 180
done
Result: In two script runs there were 3 and in one there were 5 of the above-described errors.
The actual certificate renewals work perfectly. The renewal by the systemd timer always happens immediately if the certificate is only valid for 29 days.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
The thread was about random errors which occurred when running
sudo certbot renew --cert-name MYDOMAIN.TLD --dry-run
The thread was closed without solution. See original thread. So I have to open a new thread to be able to post the solution.
I continued to monitor certbot's behavior using the script provided in the original thread. The bug was present the whole time certbot 2.x was current. The bug disappeared after the snap demon updated certbot to version 3.0.1. My conclusion from this is that it was probably a hidden bug in certbot that was fixed by the new main release.
1 Like
I re-opened the old thread and moved your new one here. Thanks for the update.
Do you consider this resolved now?
I didn't review the thread history just wondering if we still need to look at something
2 Likes
Yes it is solved
3 Likes