Hi!
My domain is:
s0.example.ru, s0.example.com, s0.example.de
s1.example.ru, s1.example.com, s1.example.de
...
s4.example.ru, s4.example.com, s4.example.de
First i generated certs by:
0. letsencrypt certonly --webroot -w /etc/nginx/ssl/acme/ -d s0.example.de
letsencrypt certonly --webroot -w /etc/nginx/ssl/acme/ -d s0.example.ru -d s0.example.com -d s0.example.es
letsencrypt certonly --webroot -w /etc/nginx/ssl/acme/ -d s1.example.ru -d s1.example.com -d s1.example.es -d s1.example.de
- same for s2.example.***
- same for s3.example.***
- same for s4.example.***
service nginx reload
and everything work fine.
Then i ran this command:
letsencrypt renew --dry-run --agree-tos
It produced this output:
Processing /etc/letsencrypt/renewal/s3.example.ru.conf
2017-03-06 15:04:39,573:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/s3.example.ru.conf produced an unexpected error: The webroot plugin is not working; there may be problems with your existing configuration.
The error was: PluginError("Couldn't create root for {0} http-01 challenge responses: {1}", 's3.example-amlak.com', OSError(1, 'Operation not permitted')). Skipping.
Processing /etc/letsencrypt/renewal/s0.example.de.conf
Processing /etc/letsencrypt/renewal/s0.example.ru.conf
2017-03-06 15:04:45,630:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/s0.example.ru.conf produced an unexpected error: The webroot plugin is not working; there may be problems with your existing configuration.
The error was: PluginError("Couldn't create root for {0} http-01 challenge responses: {1}", 's0.example.ru', OSError(1, 'Operation not permitted')). Skipping.
Processing /etc/letsencrypt/renewal/s4.example.ru.conf
Processing /etc/letsencrypt/renewal/s1.example.ru.conf
2017-03-06 15:04:54,622:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/s1.example.ru.conf produced an unexpected error: The webroot plugin is not working; there may be problems with your existing configuration
The error was: PluginError("Couldn't create root for {0} http-01 challenge responses: {1}", 's1.example.ru', OSError(1, 'Operation not permitted')). Skipping.
Processing /etc/letsencrypt/renewal/s2.example.ru.conf
** DRY RUN: simulating 'letsencrypt renew' close to cert expiry
** (The test certificates below have not been saved.)
The following certs were successfully renewed:
/etc/letsencrypt/live/s0.example.de/fullchain.pem (success)
/etc/letsencrypt/live/s4.example.ru/fullchain.pem (success)
/etc/letsencrypt/live/s2.example.ru/fullchain.pem (success)
The following certs could not be renewed:
/etc/letsencrypt/live/s3.example.ru/fullchain.pem (failure)
/etc/letsencrypt/live/s0.example.ru/fullchain.pem (failure)
/etc/letsencrypt/live/s1.example.ru/fullchain.pem (failure)
** DRY RUN: simulating 'letsencrypt renew' close to cert expiry
** (The test certificates above have not been saved.)
3 renew failure(s), 0 parse failure(s)
My operating system is (include version):
Ubuntu 16.04
My web server is (include version):
nginx 1.10.0
I can login to a root shell on my machine (yes or no, or I don't know):
Undesirable
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
Why only s2, s4 and s0.example.de renewed?
And for example If i revoke and renew s3 certs and ran letsencrypt renew --dry-run --agree-tos
- then i get the same error but s4 becomes at error and s3 renewed