Renew certificate

Hello, a colleague of mine has configured a domain certificate * .domain.it …
unfortunately for me it has changed job and I have realized that this certificate is not renewed anymore and from this error you can help me for help

thank you

2019-07-19 09:00:03,178:DEBUG:certbot.main:certbot version: 0.36.0
2019-07-19 09:00:03,178:DEBUG:certbot.main:Arguments:
2019-07-19 09:00:03,178:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntry
Point#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-07-19 09:00:03,195:DEBUG:certbot.log:Root logging level set at 20
2019-07-19 09:00:03,196:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-07-19 09:00:03,230:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f5e804a7ed0> and instal
ler <certbot.cli._Default object at 0x7f5e804a7ed0>
2019-07-19 09:00:03,262:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-07-28 10:47:57 UTC.
2019-07-19 09:00:03,262:INFO:certbot.renewal:Cert is due for renewal, auto-renewing…
2019-07-19 09:00:03,263:INFO:certbot.renewal:Non-interactive renewal: random delay of 71 seconds
2019-07-19 09:01:14,311:DEBUG:certbot.plugins.selection:Requested authenticator manual and installer None
2019-07-19 09:01:14,317:DEBUG:certbot.plugins.disco:Other error:(PluginEntryPoint#manual): An authentication script must be provided with
–manual-auth-hook when using the manual plugin non-interactively.
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/disco.py”, line 130, in prepare
self._initialized.prepare()
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/manual.py”, line 90, in prepare
self.option_name(‘auth-hook’)))
PluginError: An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.
2019-07-19 09:01:14,318:DEBUG:certbot.plugins.selection:No candidate plugin
2019-07-19 09:01:14,318:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
2019-07-19 09:01:14,318:INFO:certbot.main:Could not choose appropriate plugin: The manual plugin is not working; there may be problems wit
h your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactive
ly.’,)
2019-07-19 09:01:14,318:WARNING:certbot.renewal:Attempting to renew cert (easymatica.it) from /etc/letsencrypt/renewal/easymatica.it.conf
produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactive
ly.’,). Skipping.
2019-07-19 09:01:14,319:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/renewal.py”, line 449, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1201, in renew_cert
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, “certonly”)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/selection.py”, line 235, in choose_configurator_plugins
diagnose_configurator_problem(“authenticator”, req_auth, plugins)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/selection.py”, line 339, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
PluginSelectionError: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’,)

2019-07-19 09:01:14,319:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2019-07-19 09:01:14,319:ERROR:certbot.renewal: /etc/letsencrypt/live/easymatica.it/fullchain.pem (failure)
2019-07-19 09:01:14,319:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1381, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1286, in renew
renewal.handle_renewal_request(config)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/renewal.py”, line 474, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)
[root@SRVXAPACHE1 letsencrypt]# more letsencrypt.log
2019-07-19 09:00:03,178:DEBUG:certbot.main:certbot version: 0.36.0
2019-07-19 09:00:03,178:DEBUG:certbot.main:Arguments:
2019-07-19 09:00:03,178:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#n
ull,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-07-19 09:00:03,195:DEBUG:certbot.log:Root logging level set at 20
2019-07-19 09:00:03,196:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-07-19 09:00:03,230:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f5e804a7ed0> and installer <certbot.cli._Default obje
ct at 0x7f5e804a7ed0>
2019-07-19 09:00:03,262:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-07-28 10:47:57 UTC.
2019-07-19 09:00:03,262:INFO:certbot.renewal:Cert is due for renewal, auto-renewing…
2019-07-19 09:00:03,263:INFO:certbot.renewal:Non-interactive renewal: random delay of 71 seconds
2019-07-19 09:01:14,311:DEBUG:certbot.plugins.selection:Requested authenticator manual and installer None
2019-07-19 09:01:14,317:DEBUG:certbot.plugins.disco:Other error:(PluginEntryPoint#manual): An authentication script must be provided with --manual-auth-hook when using
the manual plugin non-interactively.
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/disco.py”, line 130, in prepare
self._initialized.prepare()
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/manual.py”, line 90, in prepare
self.option_name(‘auth-hook’)))
PluginError: An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.
2019-07-19 09:01:14,318:DEBUG:certbot.plugins.selection:No candidate plugin
2019-07-19 09:01:14,318:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
2019-07-19 09:01:14,318:INFO:certbot.main:Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’,)
2019-07-19 09:01:14,318:WARNING:certbot.renewal:Attempting to renew cert (easymatica.it) from /etc/letsencrypt/renewal/easymatica.it.conf produced an unexpected error:
The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’,). Skipping.
2019-07-19 09:01:14,319:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/renewal.py”, line 449, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1201, in renew_cert
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, “certonly”)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/selection.py”, line 235, in choose_configurator_plugins
diagnose_configurator_problem(“authenticator”, req_auth, plugins)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/selection.py”, line 339, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
PluginSelectionError: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’,)

2019-07-19 09:01:14,319:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2019-07-19 09:01:14,319:ERROR:certbot.renewal: /etc/letsencrypt/live/easymatica.it/fullchain.pem (failure)
2019-07-19 09:01:14,319:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1381, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1286, in renew
renewal.handle_renewal_request(config)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/renewal.py”, line 474, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)

Hi @fabio.giusti

if you are new, please start with some basics.

You want a wildcard certificate, so you must use dns-01 validation.

Please read

The problem:

There was --manual used. So you can’t use renew without an additional and working script.

Instead, you have to use the complete command. Something like

sudo certbot --manual -d yourdomain.com -d *.yourdomain.com certonly
1 Like

ok, I’ll read the documentation and thank you for your help

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.