I have created a certificate for an internal server on my network by running the following command:
sudo certbot certonly --manual -d internal-server.example.com
I temporarily created an A Record for my domain that allowed the authorization to work and the certificate was issued. I deleted the temporary A record, and the certificate works great… Until I try to renew…
When I try to renew i get an error that the manual plugin does not support non-interactive mode. Based on my understanding (from https://letsencrypt.org/how-it-works/), the domain validation only should only be required the first time around, so why would I need to run it interactively? Or am I misunderstanding the CSR signing process and domain validation? Is there anyway to automate this so I don’t have to make this server public facing everytime I want to renew the certificate?
Any guidance would be appreciated.
Thanks!
I ran this command: sudo certbot renew --force-renewal
It produced this output:
2016-10-31 11:15:54,766:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/internal-server.example.com.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘Running manual mode non-interactively is not supported’,). Skipping.
My operating system is (include version): CentOS 7
My web server is (include version): Apache 2.4.6
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No