Renew failed after any debian updates

Please fill out the fields below so we can help you better.

My domain is:
dksi.de
I ran this command:
certrenew.sh -v
It produced this output:
root@dunedin:~# certrenew.sh -v
Checking Domain www.dksi.de:
2017-01-08 13:21:57,889:INFO:requests.packages.urllib3.connectionpool:788: Starting new HTTPS connection (1): acm
e-v01.api.letsencrypt.org
Traceback (most recent call last):
File “/opt/simp_le/simp_le.py”, line 1401, in main
return main_with_exceptions(cli_args)
File “/opt/simp_le/simp_le.py”, line 1386, in main_with_exceptions
persist_new_data(args, existing_data)
File “/opt/simp_le/simp_le.py”, line 1282, in persist_new_data
client = registered_client(args, existing_data.account_key)
File “/opt/simp_le/simp_le.py”, line 1224, in registered_client
client = acme_client.Client(directory=args.server, key=key, net=net)
File “/opt/simp_le/venv/local/lib/python2.7/site-packages/acme/client.py”, line 63, in init
self.net.get(directory).json())
File “/opt/simp_le/venv/local/lib/python2.7/site-packages/acme/messages.py”, line 169, in from_json
raise jose.DeserializationError(str(error))
DeserializationError: Deserialization error: Wrong directory fields

Unhandled error has happened, traceback is above

Debugging tips: -v improves output verbosity. Help is available under --help.
Checking Domain analytics.dksi.de
2017-01-08 13:22:09,888:INFO:simp_le:1383: Certificates already exist and renewal is not necessary, exiting with
status code 1.
My operating system is (include version):
debian 8.0
My web server is (include version):
nginx/1.9.15
My hosting provider, if applicable, is:
pcextreme
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I have no idea, where the problem is. Maybe anyone can help me.

I don’t recognise “certrenew.sh” can you tell us what this contains ? or provide a link to it somewhere ?

sure
That’s the shellscript to check or renew my certificates for my domains and subdomains.
It contains this:
’’
#!/bin/bash
DOMAINS=("$@")
for i in "${DOMAINS[@]}"
do
chmod -R 600 /etc/nginx/ssl/${DOMAIN}/;
echo "Checking Domain www.dksi.de:"
cd /etc/nginx/ssl/www.dksi.de;
simp_le -d www.dksi.de:/tmp/letsencrypt/www.dksi.de -f account_key.json -f key.pem -f cert.pem -f fullchain.pem --default_root /var/www/dksi.de/www/www/;
echo "Checking Domain analytics.dksi.de"
cd /etc/nginx/ssl/analytics.dksi.de;
simp_le -d analytics.dksi.de:/tmp/letsencrypt/analytics.dksi.de -f account_key.json -f key.pem -f cert.pem -f fullchain.pem --default_root /var/www/dksi.de/www/analytics/;
…
rm -r /tmp/letsencrypt/;
chmod -R 400 /etc/nginx/ssl/${DOMAIN}/*;
service nginx restart;

done
’'
Before any update it worked perfect for all of my domains and subdomains.

More informations about my solutions for the configurations you can find here:

https://blog.dksi.de/solved-generating-new-letsencrypt-certificates-failed/
https://blog.dksi.de/using-simp_le-with-letsencrypt-for-free-ssl-certificates-with-nginx/
https://blog.dksi.de/

But patience, my webserver works on one of the first raspberry pi

and sorry for my bad english

This looks like a known bug in simp_le - see https://github.com/kuba/simp_le/issues/118

It doesn’t look as if simp_le is maintained, although there are others maintaining forks which have corrected the issue. Alternatively you may be better with one of the alternative clients

Thank you for your support.

After a complete simp_le reistallation from https://github.com/zenhack/simp_le/ it works again. All certificates were renewed in one step.

You can close this issue.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.