Renewing a manually-issued (DNS challenge) certificate fails

I'm trying to renew a certificate for domain smtp.radiom.fr.
It's been issued with the following command:

/usr/bin/certbot certonly --manual --preferred-challenges dns -d smtp.radiom.fr

... because I can't have a webroot on this host.

I have a Cron job that tries to renew all the certificates I issued with:

/usr/bin/certbot renew --rsa-key-size 4096

... but it fails with the following error:


Processing /etc/letsencrypt/renewal/smtp.radiom.fr.conf

Cert is due for renewal, auto-renewing...
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',)
Attempting to renew cert from /etc/letsencrypt/renewal/smtp.radiom.fr.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.

My /etc/letsencrypt/renewal/smtp.radiom.fr.conf contains:

# renew_before_expiry = 30 days
version = 0.9.3
cert = /etc/letsencrypt/live/smtp.radiom.fr/cert.pem
privkey = /etc/letsencrypt/live/smtp.radiom.fr/privkey.pem
chain = /etc/letsencrypt/live/smtp.radiom.fr/chain.pem
fullchain = /etc/letsencrypt/live/smtp.radiom.fr/fullchain.pem

# Options used in the renewal process
[renewalparams]
authenticator = manual
installer = None
account = f94e3173b6dc085a046749d3bac1863c
manual_public_ip_logging_ok = True

I'm not sure where my problem is. If I were to manually renew this certificate because of the DNS challenge, that would be okay for me.
Thank you for your hints.

“renew” will not work for a “manually” obtained certificate - as it can’t automatically do it. You would need to manually obtain a new certificate every 2-3 months.

Alternatively use an API to your DNS and automate the process.

Thank you.
If I’m correct, certbot does not support DNS API, I’ll have to use another tool.

Certbot does now support using a DNS API (it didn’t until about a month ago). So you can use either certbot, or one of the alternate clients, whichever works best for you.
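As an added example (not code from any poster in this thread or from the certbot project), here is one shape the script requested by the --manual-auth-hook error can take. Certbot passes the hook CERTBOT_DOMAIN and CERTBOT_VALIDATION. The sketch assumes the zone accepts RFC 2136 dynamic updates through nsupdate; DNS_SERVER, TSIG_KEYFILE and the function names are hypothetical placeholders.

```shell
#!/bin/sh
# Hypothetical auth hook, used as:
#   certbot renew --manual-auth-hook /path/to/this-script
# Assumption: the DNS zone accepts RFC 2136 updates signed with a TSIG key.

DNS_SERVER="${DNS_SERVER:-ns1.example.net}"               # placeholder
TSIG_KEYFILE="${TSIG_KEYFILE:-/etc/letsencrypt/tsig.key}" # placeholder
TTL=60

# Accept only a plain hostname and a base64url token. Anything else
# (spaces, quotes, newlines) could smuggle extra commands into the
# nsupdate batch, so it is rejected before the batch is built.
valid_inputs() {
    case "$1" in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
    case "$2" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
    return 0
}

# Print the nsupdate batch that publishes the challenge TXT record.
# $1 = domain being validated, $2 = validation token
build_update() {
    valid_inputs "$1" "$2" || return 1
    printf 'server %s\n' "$DNS_SERVER"
    # Remove stale tokens from earlier runs, then publish the new one.
    printf 'update delete _acme-challenge.%s. TXT\n' "$1"
    printf 'update add _acme-challenge.%s. %s TXT "%s"\n' "$1" "$TTL" "$2"
    printf 'send\n'
}

# Runs only when certbot has invoked the script as a hook.
if [ -n "${CERTBOT_DOMAIN:-}" ] && [ -n "${CERTBOT_VALIDATION:-}" ]; then
    batch=$(build_update "$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION") || exit 1
    printf '%s\n' "$batch" | nsupdate -k "$TSIG_KEYFILE" || exit 1
    sleep 30   # give secondary name servers time to pick up the record
fi
```

Keep the TSIG key file readable only by the account that runs the cron job, and scope the key on the DNS server to the _acme-challenge name where the server supports that, so a leaked key cannot rewrite the rest of the zone.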
