Renew fails... python error!


#1

Out of the sudden, I got an error after trying to renew my certificates. One certificate is failing to renew. Here’s the log in /var/log/letsencrypt/:

2017-01-31 20:59:54,078:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/www.mydomain.com.conf produced an unexpected error: object of type 'NoneType' has no len(). Skipping.
2017-01-31 20:59:54,079:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py", line 413, in handle_renewal_request
    main.obtain_cert(lineage_config, plugins, renewal_candidate)
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 626, in obtain_cert
    action, _ = _auth_from_available(le_client, config, domains, certname, lineage)
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 103, in _auth_from_available
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py", line 296, in renew_cert
    new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 262, in obtain_certificate
    self.config.allow_subset_of_names)
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 73, in get_authorizations
    resp = self._solve_challenges()
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 117, in _solve_challenges
    assert len(resp) == len(self.achalls)
TypeError: object of type 'NoneType' has no len()

Also I noticed with --dry-run all renewals fail!

I wanna say that I never did anything special. I just ran the command that I always use to renew my certificates: letsencrypt-auto renew

Any ideas?

Let me know if you require more info.

Thanks in advance!


#2

Hi @samerafach,

Could you should us the content of that /etc/letsencrypt/renewal/www.mydomain.com.conf?


#3

Here it’s:

# renew_before_expiry = 30 days
cert = /etc/letsencrypt/live/www.mydomain.com/cert.pem
privkey = /etc/letsencrypt/live/www.mydomain.com/privkey.pem
chain = /etc/letsencrypt/live/www.mydomain.com/chain.pem
fullchain = /etc/letsencrypt/live/www.mydomain.com/fullchain.pem
version = 0.9.3

# Options used in the renewal process
[renewalparams]
authenticator = standalone
installer = None
rsa_key_size = 4096
account = c1111ea111d1925f4651ffe71f6c2aae

I tampered with the account number (because I don’t know whether that has anything with security and I’m a little paranoid about it… sorry!).


#4

Interesting, I don’t see anything bad about that. Can you try adding -v for verbosity when renewing and then see if more information appears in the /var/log/letsencrypt logs?


#5

Actually the log that I posted first was from /var/log/letsencrypt. The log there is really, really big. Should I copy everything? Doesn’t that somehow expose private keys or something?

On the other hand, from my own viewing of this, the only place where “error” is mentioned, is what I copied. Other than that, I couldn’t find any keywords showing errors.

Please advise.


#6

Btw, the -v flag didn’t give anything different (in the log file, I mean)…


#7

OK. I tried again, and it updated from 0.10.2 to 0.11.0, and I restarted my server, and it works now. Thanks!


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.