danis
November 2, 2021, 11:37pm
1
My domain is: custom internal domain
We have a running internal acme server at acme02-dev.internal.com
I ran this command to issue the certificate from the internal acme server:
certbot --nginx -d myhost.internal.com --server https://acme02-dev.internal.com/acme/acme/directory
The certificate is issued and installed properly. So far so good.
I see that there is a conf file:
/etc/letsencrypt/renewal/myhost.internal.com.conf
In the conf file there is a row
server = https://acme02-dev.internal.com/acme/acme/directory
which is how it should be
But when I run:
certbot renew --dry-run
edit: fails only with --dry-run
Certbot does not use the custom acme server but tries to renew from letsencrypt instead. Which fails of course.
I have to run certbot renew --server https://acme02-dev.internal.com/acme/acme/directory
to make it work.
Which means that certbot does not use the server setting in the conf file.
The version of my client is:
certbot 1.20.0
github issue link:
opened 11:39PM - 02 Nov 21 UTC
area: ui / ux
area: documentation
priority: significant
My domain is: custom internal domain
We have a running internal acme server at … `acme02-dev.internal.com`
I ran this command to issue the certificate from the internal acme server:
`certbot --nginx -d myhost.internal.com --server https://acme02-dev.internal.com/acme/acme/directory`
The certificate is issued and installed properly. So far so good.
I see that there is a conf file:
`/etc/letsencrypt/renewal/myhost.internal.com.conf`
In the conf file there is a row
`server = https://acme02-dev.internal.com/acme/acme/directory`
which is how it should be
But when I run:
`certbot renew --dry-run`
Certbot does not use the custom acme server but tries to renew from letsencrypt instead. Which fails of course.
I have to run `certbot renew --server https://acme02-dev.internal.com/acme/acme/directory` to make it work.
Which means that certbot does not use the server setting in the conf file.
The version of my client is:
certbot 1.20.0
Community link:
https://community.letsencrypt.org/t/renew-does-not-use-the-renewalparams-server-conf/164610
2 Likes
rg305
November 3, 2021, 3:43am
2
Please include the letsencrypt.log
file that shows this behavior.
1 Like
danis
November 3, 2021, 12:06pm
3
Seems like this happens only with --dry-run. Will edit the 1st post.
I did --force-renewal and it worked. So at least it's failing only when testing
danis
November 3, 2021, 12:16pm
4
I see in the github issue reply that this is how it should work, so my fault. --dry-run is always using staging by default:
opened 11:39PM - 02 Nov 21 UTC
area: ui / ux
area: documentation
priority: significant
My domain is: custom internal domain
We have a running internal acme server at … `acme02-dev.internal.com`
I ran this command to issue the certificate from the internal acme server:
`certbot --nginx -d myhost.internal.com --server https://acme02-dev.internal.com/acme/acme/directory`
The certificate is issued and installed properly. So far so good.
I see that there is a conf file:
`/etc/letsencrypt/renewal/myhost.internal.com.conf`
In the conf file there is a row
`server = https://acme02-dev.internal.com/acme/acme/directory`
which is how it should be
But when I run:
`certbot renew --dry-run`
Certbot does not use the custom acme server but tries to renew from letsencrypt instead. Which fails of course.
I have to run `certbot renew --server https://acme02-dev.internal.com/acme/acme/directory` to make it work.
Which means that certbot does not use the server setting in the conf file.
The version of my client is:
certbot 1.20.0
Community link:
https://community.letsencrypt.org/t/renew-does-not-use-the-renewalparams-server-conf/164610
3 Likes
system
Closed
December 3, 2021, 12:16pm
5
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.