Renewal failure

My certificates stopped renewing. Upon investigating ( by running certbot manually )
I get the message below. It’s definitely a bug that the end result is
“cert not yet due for renewal” instead of some recognisable error state.

Its also a bug that the error message was not captured by the log. I run
./certbot.auto >> logfile

The underlying problem is an invalid vhost.conf file, which was left around
randomly after some other operations on site configuration. The invalid
file is not your problem, but maybe shouldn’t have be a show stopper
for the renewal process.

Plugins selected: Authenticator webroot, Installer None
Cert not yet due for renewal
Keeping the existing certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running apachectl configtest.

httpd: Syntax error on line 236 of /etc/httpd/conf/httpd.conf: Syntax error on line 79 of /etc/httpd/conf.d/vhost_git.boardspace.net.conf: Include directory ‘/home/git/var/git.boardspace.net/apache’ not found

Plugins selected: Authenticator webroot, Installer None
Cert not yet due for renewal

How is apachectl involved here? Are you using something like --deploy-hook to call it?

In that case "not yet due for renewal" would be accurate, as the certificate itself would still be renewed and stored on disk.

I can't recall whether failed hooks generate cron output when Certbot is run with -q/--quiet. But Certbot does ignore their exit code.

the certbot command is
…/certbot-auto -n --installer apache --webroot -w /home/boardspa/boardspace.net/html/ -d www.boardspace.net,boardspace.net certonly >> renew.log

I only started investigating because I got a warning (from letsencrypt) that the domain was due to be renewed (in 20 days)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.