Renewal is failing - Not sure why

Help
1

I am running uCRM which is a custom CRM tool. It has a built-in Let's Encrypt support and recently no longer is able to renew and I do not know why. No changes were made on my end.

My domain is:
crm.ilines.net

I ran this command:

It produced this output: - I had to trim the log output as the forum would not let me post the whole thing.

2022-08-23 19:18:03,862:DEBUG:certbot.main:certbot version: 0.35.1
2022-08-23 19:18:03,863:DEBUG:certbot.main:Arguments: ['--config', '/data/ssl/certbot.ini', '-d', 'crm.ilines.net']
2022-08-23 19:18:03,863:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-08-23 19:18:03,944:DEBUG:certbot.log:Root logging level set at 30
2022-08-23 19:18:03,945:INFO:certbot.log:Saving debug log to /data/log/ucrm/letsencrypt/letsencrypt.log
2022-08-23 19:18:03,946:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2022-08-23 19:18:03,953:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f1fe5e05810>
Prep: True
2022-08-23 19:18:03,954:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f1fe5e05810> and installer None
2022-08-23 19:18:03,954:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2022-08-23 19:18:03,960:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/163960310', new_authzr_uri=None, terms_of_service=None), 88008b19b878d75f971763f971d4241a, Meta(creation_dt=datetime.datetime(2021, 8, 16, 18, 42, 4, tzinfo=<UTC>), creation_host='2ab099763a81'))>
2022-08-23 19:18:03,961:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-08-23 19:18:03,966:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-08-23 19:18:04,126:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 672
2022-08-23 19:18:04,128:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:04 GMT
Content-Type: application/json
Content-Length: 672
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2022-08-23 19:18:04,148:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2022-09-10 17:42:08 UTC.
2022-08-23 19:18:04,148:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2022-08-23 19:18:04,149:INFO:certbot.main:Renewing an existing certificate
2022-08-23 19:18:04,445:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0055_key-certbot.pem
2022-08-23 19:18:04,451:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0055_csr-certbot.pem
2022-08-23 19:18:04,452:DEBUG:acme.client:Requesting fresh nonce
2022-08-23 19:18:04,452:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-08-23 19:18:04,506:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2022-08-23 19:18:04,506:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:04 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002PyGW0FFtB0Qstu22GopQCY0c5Ov78QyErXEVx3D4L3o
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2022-08-23 19:18:04,507:DEBUG:acme.client:Storing nonce: 0002PyGW0FFtB0Qstu22GopQCY0c5Ov78QyErXEVx3D4L3o
2022-08-23 19:18:04,507:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "crm.ilines.net"\n    }\n  ]\n}'
2022-08-23 19:18:04,511:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDJQeUdXMEZGdEIwUXN0dTIyR29wUUNZMGM1T3Y3OFF5RXJYRVZ4M0Q0TDNvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "qDHPWBEnLhFUUSrKAhKT9VTWzOcih2u7x_kkt5YiqGD4RWtQacSX2ScjLZaBK9SW4ZdXqe4lKFfo_ULlRWOP25_LJTisxULoKRs2JIF9DDD3jVtdEfgrzJImrlOjiBAMp8qSIbBEeRgsvFE3JgTlvDQlyzovCyYHA7bIjmBn3yO9fNiMqWgH7MDTM0WTOxAE-mjpE5VIXZoIoueIY1LuuFFoKTnSqEzRM73Y9MCQrE9h-Xt3647fxOHS57-xrab6ADDME0bMOUs3AuyBRU_urvYqYCYBxFAw67hSUJK9u-pCjXJC_oHzHPxZjupLrj_25mvn3jgjSTYf_Glfoo5UWw",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNybS5pbGluZXMubmV0IgogICAgfQogIF0KfQ"
}
2022-08-23 19:18:04,618:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 339
2022-08-23 19:18:04,619:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 23 Aug 2022 19:18:04 GMT
Content-Type: application/json
Content-Length: 339
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/163960310/118916152537
Replay-Nonce: 00025leaMn3z7n1rLTsvLzdtDlupFZf6VmgS-Vt5RwBEhqY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "crm.ilines.net"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/163960310/118916152537"
}
2022-08-23 19:18:04,619:DEBUG:acme.client:Storing nonce: 00025leaMn3z7n1rLTsvLzdtDlupFZf6VmgS-Vt5RwBEhqY
2022-08-23 19:18:04,620:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:04,623:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDI1bGVhTW4zejduMXJMVHN2THpkdERsdXBGWmY2Vm1nUy1WdDVSd0JFaHFZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "hGVfh_yo09w1i29COvc53UIrUXsracDgDg3ZSSzaUxKG6qZZ-N0_RNGWUEyy_WzxtLIdkblTfC8fq4jmymazJlY9yRhHwXO-brhZOp-GMqkc0B_-Wch1naSLSIMj9iqewmwoSQKpAB18w_09eduNjWSiKlhN-BPeW2tMlwBvCNOSNLysJDtg0vkG3IK26r8oRAD6g1bRH6ZzMLHYC4R747E1IiKSIDhxM5ulB0F0Oa6evSQXkPkIA9ZRLtCQnjRBjs3PhSjcyyDTrYaFwqL_J9NaeuqTcc3Z_tsJspVTlJGhH2t8mm1SCFZ362N8ccIzCy6nie2r0snddiyAsfAKpA",
  "payload": ""
}
2022-08-23 19:18:04,688:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:04,690:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:04 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00013ESfPk6ul-BPTqsbM-yPzJQZAa0m3Z7H3oxKJz_yYm8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:04,690:DEBUG:acme.client:Storing nonce: 00013ESfPk6ul-BPTqsbM-yPzJQZAa0m3Z7H3oxKJz_yYm8
2022-08-23 19:18:04,692:INFO:certbot.auth_handler:Performing the following challenges:
2022-08-23 19:18:04,692:INFO:certbot.auth_handler:http-01 challenge for crm.ilines.net
2022-08-23 19:18:04,693:INFO:certbot.plugins.webroot:Using the webroot path /usr/src/ucrm/web for all unmatched domains.
2022-08-23 19:18:04,693:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /usr/src/ucrm/web/.well-known/acme-challenge
2022-08-23 19:18:04,702:DEBUG:certbot.plugins.webroot:Attempting to save validation to /usr/src/ucrm/web/.well-known/acme-challenge/3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go
2022-08-23 19:18:04,703:INFO:certbot.auth_handler:Waiting for verification...
2022-08-23 19:18:04,704:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
2022-08-23 19:18:04,710:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDEzRVNmUGs2dWwtQlBUcXNiTS15UHpKUVpBYTBtM1o3SDNveEtKel95WW04IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8xNDUzNzE5OTgxNzcvTzdOUGpBIn0",
  "signature": "fKaykXd6BD7buK7zYejFpqWkB0wbVra4fbek8PKB710c3fvRyi0gPnQVsBz0Sr3uIL6T85WZgHvkrfegGaXm7QzgHNrzL1VWMS7A1BwaQAnU8DwuRRQmFA_kV5TRnob-6RyXfojE1joWvDAZ0mDUYVobY9kWnUMVWlbND37rXkann_YBBk0yZZLmCmnOxf1e5MMZbuHv0POkfn-1l_wuj9ibzJa2ZPsgk5BevuMCkjVkN0iseoOzhLIWklcX2X8mLm7qbxedKp1pEexWcd2aRD7G2JT7C5HvgEHgjEpPhZ8peIS8jsv5oGYSgWhTk3zmLpD9rWJN4H-3C_y7A8NFJg",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2022-08-23 19:18:04,779:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/145371998177/O7NPjA HTTP/1.1" 200 187
2022-08-23 19:18:04,780:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:04 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA
Replay-Nonce: 0001q0PYCfqpmdNNdA8CaMQXESHuxwzCOfRh7HEVs9SZ0lg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
  "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
}
2022-08-23 19:18:04,781:DEBUG:acme.client:Storing nonce: 0001q0PYCfqpmdNNdA8CaMQXESHuxwzCOfRh7HEVs9SZ0lg
2022-08-23 19:18:05,783:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:05,787:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDFxMFBZQ2ZxcG1kTk5kQThDYU1RWEVTSHV4d3pDT2ZSaDdIRVZzOVNaMGxnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "pXhXmB1IKoghm39sYIeCf8j-i_dsyD5trWvbzh27eT9HJgBfy65CNb6S47uQfGClv-S712QER5jAmO6viChTUy3hE4AXpHeJkMX3TFgBYC7PIgKn9PwtAnm2K1iaP5cyRjBHd1NJcNNc6utMZY7yl4MJI32Xn6ZkvMupqxVclS55CJffjTiWoFbYUFr9INLeFxsMyhj1M6lpqk3Kkwh94BCKh-UnL_isC8LXiP0DyeYCk3VUetUwaiLwKma4meDFMgpilfa-3aCWe5PvhwaPqsl61j9bz0cQS4rzDEf0KWcd9eOVSZVh9XWD44tvCnl3BDGnKXHsF5206UsKqj5mMw",
  "payload": ""
}
2022-08-23 19:18:05,848:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:05,848:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:05 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002C6oHD1-fEFRF5J5kKtyLN0kHBIqQRDYCSggGUF1QkYA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:05,849:DEBUG:acme.client:Storing nonce: 0002C6oHD1-fEFRF5J5kKtyLN0kHBIqQRDYCSggGUF1QkYA
2022-08-23 19:18:08,852:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:08,855:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDJDNm9IRDEtZkVGUkY1SjVrS3R5TE4wa0hCSXFRUkRZQ1NnZ0dVRjFRa1lBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "EiPINEjLlNr3mWMkTe7gm50Odsk1QHXMGnb2G5LrgeIRWXqopH5jdLh_f-XuoOPf3xFUEp4t49scgpJhYuQxvXJN_xZtYWuldtQWlpitCPVRuul0gf4Z_6gNYzge4vIlSchzDirZYoARGymkLBHawxbS9HxrNmR1aGZoGoTVeAIZWCiwzM7fZSTqcSnvKK9cjV1A0fe4XacotoWIyZ2KQBhgnuuKkyIWBKsEVFdMfKsiT6xgEziOdCgKcTUHUT3pSMwahJe41t5EUuPWP9y-gCPK45Q5lEPvMJA37MLxfSTDXxfjqY29O6HByJhEwvVLgET3GYWVtBpbe5CLeiWfSw",
  "payload": ""
}
2022-08-23 19:18:08,914:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:08,915:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:08 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002dnHktPr-PyvPD_9LEISqz_ya2ToiVLdpHrR3-_Kh3sA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:08,915:DEBUG:acme.client:Storing nonce: 0002dnHktPr-PyvPD_9LEISqz_ya2ToiVLdpHrR3-_Kh3sA
2022-08-23 19:18:11,920:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:11,926:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDJkbkhrdFByLVB5dlBEXzlMRUlTcXpfeWEyVG9pVkxkcEhyUjMtX0toM3NBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "C_96HhpjLztuj-KpA-Ys5tD88swTlUYHO42maSYn7-t_1xa9FVOXXOqwguv7ESZlKhTg1TbxAhNEuNiAKLIpNibiuKlxfAxb_HvdvZ-VTwf3J-coN9cRN6wRC_EWpBeU6bAa3FymjgiVuuYkE2XZ-co9amMOeS4A8ijqP4VXi8tfoxfCTs1TZDiVjPuGwmMQWzf1IWyH5_NpsSzkSCOzU6x8ZYtj3T-CIyfXI5ZZAJzndn4rJUgfieBzgD_gV8TNRdS--PcB8kxb8nR8tGp1mlv0bqIJOYed_huYzkfeKIHLlYoCL3l3USl06Im8xU508W75AOIbVmsvofqwaDwXvw",
  "payload": ""
}
2022-08-23 19:18:11,998:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:11,999:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:11 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001nJUyAS3MVvVQrFa2-kPzd1zo5rLZjTwUk43mOZp217s
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:12,000:DEBUG:acme.client:Storing nonce: 0001nJUyAS3MVvVQrFa2-kPzd1zo5rLZjTwUk43mOZp217s
2022-08-23 19:18:15,004:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:15,013:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDFuSlV5QVMzTVZ2VlFyRmEyLWtQemQxem81ckxaalR3VWs0M21PWnAyMTdzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "OlPcZY-8zeTI648dyFnR7IK_o016o-KwcS8iD6tqplgQE4b1QDODaz2O_nGgMZI0ktcvQWgVbSiLkzDX6IKvYHY7bYtIFELNINzhWP0noEd467Y2mc8mPgLTMGYs31QagVc1Sz7v-q53rvcpyuTAoOpSRH8HKWidRavTlsVBB7iiQBecQO-95qEwN9Ic6Ek3nXi9HUzjj-M_7uf5EyGKw2VZlgQujfkU-UHaD8ultvMl2p_6Y4BMFC_2A1cxugbGTIKVifwHieNKct8-lE7U5zvAoqXRXJkuTd4axio9shecwYIa9L11Fl6tQhA4_WcgHaqiw0hjkNBJLggFJYZJaA",
  "payload": ""
}
2022-08-23 19:18:15,076:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:15,078:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:15 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002hzaNbiYzcvm3-RTwAxFwYYwMKaRCM2PEkzKih9qCfig
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:15,079:DEBUG:acme.client:Storing nonce: 0002hzaNbiYzcvm3-RTwAxFwYYwMKaRCM2PEkzKih9qCfig
2022-08-23 19:18:18,084:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:18,087:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDJoemFOYmlZemN2bTMtUlR3QXhGd1lZd01LYVJDTTJQRWt6S2loOXFDZmlnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "bTWuFgs7SHIto6F3TlWws0982vUAmdmxdvVMU9XYCPxfYB0PU9xpvP1q6CdV1wJN5OirUVFgbsA4dTYsuHx7dg_diWIuLOI9C-m8S7u9G9CogC6CGMkoNwLmVwEJqWI3MuAPlul0auaW88XSQSwKZMy8oOKkSLmrI0EgjyLZt0RFrOvr1lG1QYIMj9vzlW9fEWxe3lo5_gmin6_JUAKxagglkdtPgCeqk1LK5nGByk268SpSKNOGYU0yUHOSeo9GC_38kZ79vtUVcX-4MC7_e7qYT3Ni5b11faOP-KZ1ZSGE3NCIM6o-nwK5wa1O_X4E9S7xiF0xNu5XWAHKy2BrFw",
  "payload": ""
}
2022-08-23 19:18:18,151:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:18,152:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:18 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001_tiJtxNOJ9hGylDaLU4S9hStr4hL2D4_COurv9eITDA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:18,153:DEBUG:acme.client:Storing nonce: 0001_tiJtxNOJ9hGylDaLU4S9hStr4hL2D4_COurv9eITDA
2022-08-23 19:18:21,156:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:21,162:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDFfdGlKdHhOT0o5aEd5bERhTFU0UzloU3RyNGhMMkQ0X0NPdXJ2OWVJVERBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "NlxGjhNGNEUWOmGlxChHtuxhcnEO89nJ3Dx_-8eCDO8wLfhr0ACEYGYkf1ZyJyke5M3jkLX-tmqGzQldbYgiC5PgZrC9bkwcPZYpMiCdOnYcrNkBMFrgQ9Qe_2aaBCIqJeuldQ9nIkl9BA2pM5iapP6VUrrCYdBChRXPhBU6Rxsa1WKmxOE9wzT3Vko_aRoCpCnF9xVUWUBu86FNnNogQ8YDvmdgDTqldzB2iduOg_EfHsKEYaiFdCMQjgREHwO_FL76ZsR-37zZ0_-JtEs79jROzZkYIeGFoqWw-KdykGZHN4Hk5Q7ds9aufhsIIj-hnunT9tD-jJ8T8xH1Xg55bA",
  "payload": ""
}
2022-08-23 19:18:21,225:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:21,226:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:21 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002wYLJ2nVFNK33eaYUq5PHjLvZO5GkyVpJ2pNTFQtpt8Q
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:21,227:DEBUG:acme.client:Storing nonce: 0002wYLJ2nVFNK33eaYUq5PHjLvZO5GkyVpJ2pNTFQtpt8Q
2022-08-23 19:18:24,231:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:24,238:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDJ3WUxKMm5WRk5LMzNlYVlVcTVQSGpMdlpPNUdreVZwSjJwTlRGUXRwdDhRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "R4huIcwWxVzCBpd0wHqNWxEc2PFuj7bsmuJdGHGVoBbrQXij1pSZn-hMu1HSv1QQjuXuNNvBGLERavA5uG6u8G-R81Fk3VozjySFV5TPf7iLgJsb9-s5RFJMggNfC9tcX5_f6YxzHTXVou463GeMr3qyzAZWqVOdIHBTpgJDwEmZA_gdkYnG3VczBJAFj98r4pASGvjF-6v9sTobC97X1v_xUoMLxUAF0ThW1LME7UnLJ97alTfb06HkrrRf3rO2tIv-1xbW2LrTWkXJxC3Dbi0rAox25eJusdy9uhowraqhpOKQpLqk-02dpEJfUd6gXt0GdKqizD6J4wt2hmsHEQ",
  "payload": ""
}
2022-08-23 19:18:24,302:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:24,304:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:24 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002qyXFTvtkwRQAWwKrr2ohIKCCdT5_s5Trv1z4AmfDlVs
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:24,304:DEBUG:acme.client:Storing nonce: 0002qyXFTvtkwRQAWwKrr2ohIKCCdT5_s5Trv1z4AmfDlVs
2022-08-23 19:18:27,308:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:27,311:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDJxeVhGVHZ0a3dSUUFXd0tycjJvaElLQ0NkVDVfczVUcnYxejRBbWZEbFZzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "HSyLjgc6jk2XB-qO5OQbu5Frca4q2yWJvPzN5DtKtSyyieapT9X6ODIUPE18wDIass8Le-2rjkL7kIfDGJg6-VaUYCIdy0MrPAImjtAFCRBUc8xf-IS28vDZWW5sm7uCZeWlMJ-2ps1Xu3kTzo44L8ml8mN3TMRYY3EVoidoTNdqThfQosKKo6FNXzfDaxHGYilUmJYATVcXTvIfV1u0NdtR4FqIyjDGJF15smCqePJl3jNTO9a4NqBZX0PZK5yr3Nl_nwcqUE_z3c1HVaP_1OFrtA458NCm_Zo_Jad1S_WKUQGf8tT2l3NQorhA6HOcuc8eARdZtP1bJDm0AjzzDw",
  "payload": ""
}
2022-08-23 19:18:27,372:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:27,373:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:27 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00020tJXVsSbbU7NaD6mFXGbLuEhVznXuCwEjUFU9ExMVss
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:27,373:DEBUG:acme.client:Storing nonce: 00020tJXVsSbbU7NaD6mFXGbLuEhVznXuCwEjUFU9ExMVss
2022-08-23 19:18:30,376:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:30,384:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDIwdEpYVnNTYmJVN05hRDZtRlhHYkx1RWhWem5YdUN3RWpVRlU5RXhNVnNzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "hW1SEOlVGCmqX01TTnsRiJLUl-PWUC1Iw_u6R25MtJZq94Bao0IY7pfgJ2qHtUVNLy0KQlpzm77W2AjrfWrMABCUdyyOHoqcA1hM0wZx24_1UB9qkeeNv4fA_eU0z48M1P7QS4LDcKVWIRRJ7kWv5t3pWmQzKlIoEGt-jqJCc6yoLDKARmDxx0g4hWpUI-97ieqPQbglTM7m8x7yoMDXMbFI82Q5LqCjcOBLDp3Ob3Z2afLGZcMlvx2vGoidKgxhmSGmIJmdHDlhVmqoxFGmLZAeboJ_-eI5j0gNMfGVzze6jbWL6ZJuIY85tfjZv_rY5Io-yoNUwmRYn88POczmXQ",
  "payload": ""
}
2022-08-23 19:18:30,447:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:30,448:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:30 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 000128gkB97wPVeZjfjyhFjuvHxsDNZBeUh9b_ogMQSiF2g
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:30,449:DEBUG:acme.client:Storing nonce: 000128gkB97wPVeZjfjyhFjuvHxsDNZBeUh9b_ogMQSiF2g
2022-08-23 19:18:33,452:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:33,458:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDEyOGdrQjk3d1BWZVpqZmp5aEZqdXZIeHNETlpCZVVoOWJfb2dNUVNpRjJnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "uoulKRl0Jf5I6zvRnZzm4EvUV3AQ6y8ZxxwowKGugbnIyYWdsCbv9KbWE6tzS3witDtFkl4m3CTYOnR5TlWc-2eMw_vWj4XQch8qyR5tzyPUJVGKxEESCsMohTX5rr-P3mnU5uJeBvrQdFSvXwkzTHax6jNH1XsCjzJy9zXsXgUeHUV2rtT6gt8qxpsZh6qZeNzuN2KqOiuQqMPzcK0LUFnkWLK-NmJUoXu1ZDxA9A-CyL58uV7l0GkxtGoScQTnwT4xG49tMVQfjSb0cXb0amq0JQCBiBfem-RfIq1f4bEwLxr1f9xDhWylTV6dFdj1AU2w1NAF5ZI8sDHiLeCvkA",
  "payload": ""
}
2022-08-23 19:18:33,539:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 798
2022-08-23 19:18:33,540:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:33 GMT
Content-Type: application/json
Content-Length: 798
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001LknRH3DDfNlNZ4MW8L0nqSaP0Q0xsR1Ml7aAgZAPUjc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "pending",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/rl0PMw",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/zL1vhg",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go"
    }
  ]
}
2022-08-23 19:18:33,541:DEBUG:acme.client:Storing nonce: 0001LknRH3DDfNlNZ4MW8L0nqSaP0Q0xsR1Ml7aAgZAPUjc
2022-08-23 19:18:36,545:DEBUG:acme.client:JWS payload:
b''
2022-08-23 19:18:36,548:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/145371998177:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDFMa25SSDNERGZObE5aNE1XOEwwbnFTYVAwUTB4c1IxTWw3YUFnWkFQVWpjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDUzNzE5OTgxNzcifQ",
  "signature": "qUhyDCT1uImpXvm--14sG4NOZkZ8SJ77U-nAL_L9RmxXxHiAx7b9FsU6ZQWM5gjHlHADSwFiZB1ZLNOhlH0VmNoojogl1AFD6W_rRqVwRTN1jw9OVSDZZMu6M9sSx-SnFwUf3Yz5JF2N64_lijxkJrGZRQg9EkL7fEHkdqNmEn2riMHRWIKFSs0pm6OjsTK8GoEVHQ2nF7Fy2ASSavo1wAIrnYdkaws7NMgYSbXlpEvJi3Vl2DQ6QXY3-cfJwbrtGra5aLVCx5ppPfglRv19h1xNTXfsMewkZHoWNWibs0CXAMDfN0h57fhgFLmD014N6eF4fGakjapKOtZzW-Krug",
  "payload": ""
}
2022-08-23 19:18:36,611:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/145371998177 HTTP/1.1" 200 699
2022-08-23 19:18:36,612:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 23 Aug 2022 19:18:36 GMT
Content-Type: application/json
Content-Length: 699
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002Sjo-NuFgK49le8HBcJplLhCUgY40eFi6UrqwoeZWfCE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "crm.ilines.net"
  },
  "status": "invalid",
  "expires": "2022-08-30T19:18:04Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:dns",
        "detail": "DNS problem: SERVFAIL looking up A for crm.ilines.net - the domain's nameservers may be malfunctioning; DNS problem: query timed out looking up AAAA for crm.ilines.net",
        "status": 400
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/145371998177/O7NPjA",
      "token": "3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go",
      "validated": "2022-08-23T19:18:04Z"
    }
  ]
}
2022-08-23 19:18:36,613:DEBUG:acme.client:Storing nonce: 0002Sjo-NuFgK49le8HBcJplLhCUgY40eFi6UrqwoeZWfCE
2022-08-23 19:18:36,614:WARNING:certbot.auth_handler:Challenge failed for domain crm.ilines.net
2022-08-23 19:18:36,614:INFO:certbot.auth_handler:http-01 challenge for crm.ilines.net
2022-08-23 19:18:36,614:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: crm.ilines.net
Type:   None
Detail: DNS problem: SERVFAIL looking up A for crm.ilines.net - the domain's nameservers may be malfunctioning; DNS problem: query timed out looking up AAAA for crm.ilines.net
2022-08-23 19:18:36,615:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2022-08-23 19:18:36,615:DEBUG:certbot.error_handler:Calling registered functions
2022-08-23 19:18:36,616:INFO:certbot.auth_handler:Cleaning up challenges
2022-08-23 19:18:36,616:DEBUG:certbot.plugins.webroot:Removing /usr/src/ucrm/web/.well-known/acme-challenge/3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go
2022-08-23 19:18:36,617:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2022-08-23 19:18:36,617:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.35.1', 'console_scripts', 'certbot')()
  File "/usr/lib/python3.7/site-packages/certbot/main.py", line 1379, in main
    return config.func(config, plugins)
  File "/usr/lib/python3.7/site-packages/certbot/main.py", line 1262, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/usr/lib/python3.7/site-packages/certbot/main.py", line 115, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python3.7/site-packages/certbot/renewal.py", line 307, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/usr/lib/python3.7/site-packages/certbot/client.py", line 349, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3.7/site-packages/certbot/client.py", line 385, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

My web server is (include version):
uCRM 2.16.15

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1 Like
2

Near the end it seems to say there is an issue with the DNS for crm.ilines.net but I can do nslookups with my DNS servers and various public servers and it resolves both forward and reverse.

1 Like
3

Server OS is Ubuntu 20.04.2 LTS

1 Like
4

Hi @terintamel, and welcome to the LE community forum :slight_smile:

That version is very outdated.

3 Likes
5

Ok so the last time is succeeded was 8-12-2022 after that it has failed every time.

How would I go about updating the certbot version? Please know that the uCRM application is docker app if that matters.

1 Like
6

I'd start by asking the maintainers of that uCRM application for an update.

3 Likes
7

Well then I am up a creek as they deprecated uCRM last year and have moved on to an inferior application. There are no more updates by the maker.

1 Like
8

Then I'd try opening that container and seeing if certbot can be updated therein.
[make backup copies first]

3 Likes
9

So certbot version 0.35.1 stopped functioning on 8-12-2022?

1 Like
10

The last renewal was on 6-12-2022:
crt.sh | crm.ilines.net

I have no idea what stopped it from working since then.

3 Likes
11

So here is my log from 8-12-2022 which looked like the update succeeded. Is that not correct based on the log output?

2022-08-12 06:42:01,518:DEBUG:certbot.main:certbot version: 0.35.1
2022-08-12 06:42:01,518:DEBUG:certbot.main:Arguments: ['--config', '/data/ssl/certbot.ini']
2022-08-12 06:42:01,518:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-08-12 06:42:01,606:DEBUG:certbot.log:Root logging level set at 30
2022-08-12 06:42:01,606:INFO:certbot.log:Saving debug log to /data/log/ucrm/letsencrypt/letsencrypt.log
2022-08-12 06:42:01,618:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-08-12 06:42:01,623:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-08-12 06:42:01,978:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2022-08-12 06:42:01,979:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 12 Aug 2022 06:42:01 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "QDd59GIe6jA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2022-08-12 06:42:01,980:DEBUG:acme.client:Requesting fresh nonce
2022-08-12 06:42:01,980:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-08-12 06:42:02,033:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2022-08-12 06:42:02,034:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 12 Aug 2022 06:42:02 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00019wdS0QGAGHzOLPUTe6BxNZHiv6JWfkRHNPxog3GfYBE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2022-08-12 06:42:02,034:DEBUG:acme.client:Storing nonce: 00019wdS0QGAGHzOLPUTe6BxNZHiv6JWfkRHNPxog3GfYBE
2022-08-12 06:42:02,035:DEBUG:acme.client:JWS payload:
b'{\n  "contact": [\n    "mailto:ilines_support@lebanon-utilities.com"\n  ],\n  "onlyReturnExisting": true\n}'
2022-08-12 06:42:02,041:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogIndCVHJRdmtZbnRUbmJxbXhiQm1tN0lRdGVJeFduV3FSN2lSbDJFSF94VjVCTjZKX1dYVExkTG1jeUdvdnhQRWMxTVd0ZUhzTkRTaG1BSFdWS0xHQXZzYW5LM2lXd1g1OERMVlpSVFJPWHZobG5zYkNLYW9HVzM4YTlQalRBWm9TcEFEbWR0QVI3a0ZxbWd0TDE5Rzk5dTYxaXpSWEM5RlBqZXJNNFJ5bm51Y1JrZ3k5cGxYX0M4T29qazZXZ3pqNDZrMUFVQ0t2bDhldWxaeGREU3h0ZU5JTUMwY3o5cTRubkdVNHVuX1EyMmtFcVp0a2pDU1prc3JWaG5LNDFIZFdEMUVUZnAtUTNKM2JaUC14RDltZkVCZzQ2LUdYYVZrSUJwMm03LXptRUtFV2pJamo0WG95cmUxbVpTQnlQYXpMRHI4alNBdF9TWVdxTERJNGNYbW1kdyIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiMDAwMTl3ZFMwUUdBR0h6T0xQVVRlNkJ4TlpIaXY2Sldma1JITlB4b2czR2ZZQkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1hY2N0In0",
  "signature": "SP0qTILSQJJGzXjCXdFBX6wvanbrcu3KyaHYRICDbWi45aTHVoOUdyZXyrqilRZtH6nPAlB8Rq8eZNOi3Z5oAvBGcQ4pXrQhgl96xCLnBNceBdf-w9Im7Bh5G6vp2Zq8KHIWytwubFI6PeZ2c2k3VnCuovbD2VCKADtM3L6xUZgM8nuW5OW4YAFfMr27z0vpYleRNX-qNdNh2GUK42gb1HsD67AGpp-02fdoK41JQoaFRPW_74xV6Q0A9WXG0j0qrb6kt5xxPS7VLd8zj4XUfe0NMKG0pFp9rhr0Ea4MeVYi5sRUFFKqSNL7RmfOa3CDo7QqHjIlUzMdvBjLIjAOHA",
  "payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzppbGluZXNfc3VwcG9ydEBsZWJhbm9uLXV0aWxpdGllcy5jb20iCiAgXSwKICAib25seVJldHVybkV4aXN0aW5nIjogdHJ1ZQp9"
}
2022-08-12 06:42:02,099:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 200 569
2022-08-12 06:42:02,100:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 12 Aug 2022 06:42:02 GMT
Content-Type: application/json
Content-Length: 569
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/163960310
Replay-Nonce: 0002nmYV4Eishl2DLzjdCBCIJL_GHzmdIIvSy4MtnE7OvO8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "key": {
    "kty": "RSA",
    "n": "wBTrQvkYntTnbqmxbBmm7IQteIxWnWqR7iRl2EH_xV5BN6J_WXTLdLmcyGovxPEc1MWteHsNDShmAHWVKLGAvsanK3iWwX58DLVZRTROXvhlnsbCKaoGW38a9PjTAZoSpADmdtAR7kFqmgtL19G99u61izRXC9FPjerM4RynnucRkgy9plX_C8Oojk6Wgzj46k1AUCKvl8eulZxdDSxteNIMC0cz9q4nnGU4un_Q22kEqZtkjCSZksrVhnK41HdWD1ETfp-Q3J3bZP-xD9mfEBg46-GXaVkIBp2m7-zmEKEWjIjj4Xoyre1mZSByPazLDr8jSAt_SYWqLDI4cXmmdw",
    "e": "AQAB"
  },
  "contact": [
    "mailto:ilines_support@lebanon-utilities.com"
  ],
  "initialIp": "66.103.104.23",
  "createdAt": "2021-08-16T18:42:04Z",
  "status": "valid"
}
2022-08-12 06:42:02,101:DEBUG:acme.client:Storing nonce: 0002nmYV4Eishl2DLzjdCBCIJL_GHzmdIIvSy4MtnE7OvO8
2022-08-12 06:42:02,101:DEBUG:acme.client:JWS payload:
b'{\n  "contact": [\n    "mailto:ilines_support@lebanon-utilities.com"\n  ],\n  "resource": "reg"\n}'
2022-08-12 06:42:02,104:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/acct/163960310:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYzOTYwMzEwIiwgIm5vbmNlIjogIjAwMDJubVlWNEVpc2hsMkRMempkQ0JDSUpMX0dIem1kSUl2U3k0TXRuRTdPdk84IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzE2Mzk2MDMxMCJ9",
  "signature": "Q2AS06f0uP3bu16fqN4XB5CQMAXp6GAlVJZgooR7B9cIjHmWDWMP0U-i1BN3-AAsPvfaf4O885s8ywBphFRYzPsLrjSW5Ny1vr06oA-WwSY9OU5YmRARG93g31F4_1CJ5kbS8LSpB-uIR04bg2AJbqqn6WP8fRw0Sh3Kb58NoAN4yLLlABpHS9tra8BE10VxeERujiTAjzUG6Acg6ydXmLHGZ6XmbA9ocC1F8I_5QSpdkNRwnU7AhppytRsXEkHtnfHJHdsInmv_NkryATapJ5-CEkjlcvn7creF9r-BiriTqdH1-AMQPpFF1XD5KquspiDYsPna17TGi9dB_m5J9w",
  "payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzppbGluZXNfc3VwcG9ydEBsZWJhbm9uLXV0aWxpdGllcy5jb20iCiAgXSwKICAicmVzb3VyY2UiOiAicmVnIgp9"
}
2022-08-12 06:42:02,168:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/acct/163960310 HTTP/1.1" 200 569
2022-08-12 06:42:02,169:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 12 Aug 2022 06:42:02 GMT
Content-Type: application/json
Content-Length: 569
Connection: keep-alive
Boulder-Requester: 163960310
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
Replay-Nonce: 0002W8Y5X1ZiOdWbyv5de6b2l-V9dmM1wF3T-eFMwOgx1Gg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "key": {
    "kty": "RSA",
    "n": "wBTrQvkYntTnbqmxbBmm7IQteIxWnWqR7iRl2EH_xV5BN6J_WXTLdLmcyGovxPEc1MWteHsNDShmAHWVKLGAvsanK3iWwX58DLVZRTROXvhlnsbCKaoGW38a9PjTAZoSpADmdtAR7kFqmgtL19G99u61izRXC9FPjerM4RynnucRkgy9plX_C8Oojk6Wgzj46k1AUCKvl8eulZxdDSxteNIMC0cz9q4nnGU4un_Q22kEqZtkjCSZksrVhnK41HdWD1ETfp-Q3J3bZP-xD9mfEBg46-GXaVkIBp2m7-zmEKEWjIjj4Xoyre1mZSByPazLDr8jSAt_SYWqLDI4cXmmdw",
    "e": "AQAB"
  },
  "contact": [
    "mailto:ilines_support@lebanon-utilities.com"
  ],
  "initialIp": "66.103.104.23",
  "createdAt": "2021-08-16T18:42:04Z",
  "status": "valid"
}
2022-08-12 06:42:02,169:DEBUG:acme.client:Storing nonce: 0002W8Y5X1ZiOdWbyv5de6b2l-V9dmM1wF3T-eFMwOgx1Gg
2022-08-12 06:42:02,171:DEBUG:certbot.reporter:Reporting to user: Your e-mail address was updated to ilines_support@lebanon-utilities.com.
1 Like
12

I see now on your link it looks like renewal period is every 2 months. So 6-12-22 is worked and then tried again on 8-12-22 and failed and has kept failing.

I defer to your expertise but is this error definitely due to certbot being out of date? Is that what would cause the DNS error?

1 Like
13

Is there more to that log file? [after: 2022-08-12 06:42:02,171]
I don't see any "error" or "fail" therein.

3 Likes
14

I think this is the failure?

Domain: crm.ilines.net
Type: None
Detail: DNS problem: SERVFAIL looking up A for crm.ilines.net - the domain's nameservers may be malfunctioning; DNS problem: query timed out looking up AAAA for crm.ilines.net
2022-08-23 19:18:36,615:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2022-08-23 19:18:36,615:DEBUG:certbot.error_handler:Calling registered functions
2022-08-23 19:18:36,616:INFO:certbot.auth_handler:Cleaning up challenges
2022-08-23 19:18:36,616:DEBUG:certbot.plugins.webroot:Removing /usr/src/ucrm/web/.well-known/acme-challenge/3jdHzdEYXPS1weM1ngPYNXzyvAzvDcPzu5t3hpnG-go
2022-08-23 19:18:36,617:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2022-08-23 19:18:36,617:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in
load_entry_point('certbot==0.35.1', 'console_scripts', 'certbot')()
File "/usr/lib/python3.7/site-packages/certbot/main.py", line 1379, in main
return config.func(config, plugins)
File "/usr/lib/python3.7/site-packages/certbot/main.py", line 1262, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python3.7/site-packages/certbot/main.py", line 115, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3.7/site-packages/certbot/renewal.py", line 307, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python3.7/site-packages/certbot/client.py", line 349, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3.7/site-packages/certbot/client.py", line 385, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

1 Like
15

I see.
Let me check on that now.

3 Likes
16

That date is in the future.

2 Likes
17

On your side of the world, on this side it was two months ago - LOL

3 Likes
18

I followed the format given.

3 Likes
19

Yes today is 8-23-22 (August 23rd 2022) and 6-12-2022 is June 12 2022.

2 Likes
20

There is a definite DNS problem.
See:
Let's Debug (letsdebug.net)

Who operates these DNS servers?:

ilines.net      nameserver = ns1.ilines.net
ilines.net      nameserver = ns2.ilines.net
ns1.ilines.net  internet address = 66.103.104.10
ns2.ilines.net  internet address = 66.103.104.11
3 Likes