Renewal fails in cron, works on CLI

When renewing with cerbot through cron, I’m getting this error:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Renewal configuration file /etc/letsencrypt/renewal/ (cert: produced an unexpected error: 'Namespace' object has no attribute 'dns_digitalocean_propagation_seconds'. Skipping.

If I use sudo from command line, everything works fine.

Any thoughts?

My domain is:

My web server is (include version):
Apache/2.4.29 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 18.04.2 LTS

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.26.1

This isn't very helpful, but that's a pretty old version of Certbot.

Try upgrading? "sudo apt update && sudo apt upgrade"?

Could there be multiple separate Certbot installs, getting mixed and matched in different ways due to different environment variables? If so, cleaning that up would be a good idea, and might fix this problem.

How did you install Certbot?

How did you install certbot-dns-digitalocean?

Can you post "dpkg -l '*certbot*'"?

Thanks! I’ll try updating, for sure. I’m also trying now to specify the DO plugin in the crontab. Not sure why that would be needed when it’s not on the command line, but I will know when the cron executes tomorrow morning. I’ll report back here :slight_smile:

| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                      Version                          Architecture Description
ii  certbot                   0.26.1-1+ubuntu18.04.1+certbot+2 all          automatically configure HTTPS using Let's Encrypt
ii  python-certbot-apache     0.31.0-1+ubuntu18.04.1+certbot+1 all          transitional dummy package
un  python-certbot-apache-doc <none>                           <none>       (no description available)
un  python-certbot-doc        <none>                           <none>       (no description available)
un  python-certbot-nginx      <none>                           <none>       (no description available)
ii  python3-certbot           0.26.1-1+ubuntu18.04.1+certbot+2 all          main library for certbot
ii  python3-certbot-apache    0.31.0-1+ubuntu18.04.1+certbot+1 all          Apache plugin for Certbot
un  python3-certbot-nginx     <none>                           <none>       (no description available)

So Certbot was installed using the PPA, but two of the Certbot packages are quite out of date and out of sync with the others.

Plus, python3-certbot-dns-digitalocean isn’t installed at all, which means it must be installed some other way, and its version might also be out of sync.

I guess you should upgrade your packages, apt install python3-certbot-dns-digitalocean, and hunt down the other copy of the DigitalOcean plugin and delete it (carefully).

(The python3-certbot-dns-digitalocean package is version 0.23.0, but it’s supposed to be. The plugin hasn’t changed recently and the PPA is managed in a compatible way.)


Thank you very much.

I installed python3-certbot-dns-digitalocean specifically and upgraded to certbot 0.31.0. Using apt-get on Ubuntu 18.04 LTS doesn’t seem to upgrade properly, but apt works correctly. Finally specifying --dns-digitalocean with cron script did the trick.

I can’t recall for certain, but I believe initially I simply followed the instructions on Digital Ocean. Those steps work for command line, but didn’t once I added the renew script to cron.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.