Renewing certificates is failing (CentOS)


#1

Last month I installed letsencrypt on my centos machine and certificates were working great. However, my certificates will be invalid in a couple of days because they don’t seem to be renewing. Below you can see what my log file is mentioning. Has anyone experienced the same or can someone point me in the right direction to solve this? The errors are a bit unclear to me.

Thanks for helping out!

update: manually running “letsencrypt-auto renew” works!
update2: here’s my crontab entry:

30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew >> /var/log/le-renew.log

The log file gives me:
All renewal attempts failed. The following certs could not be renewed:

tail -f /var/log/letsencrypt/letsencrypt.log
File “/root/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py”, line 744, in main
return config.func(config, plugins)
File “/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py”, line 584, in renew
renewal.renew_all_lineages(config)
File “/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/renewal.py”, line 363, in renew_all_lineages
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)


#2

That tail output is a bit after something goes wrong, can you ask tail for maybe 20 or 30 lines rather than the default ?

tail -30 /var/log/letsencrypt/letsencrypt.log might do it, although if you’ve renewed successfully by hand since it failed, there might be a success in there so you’d need to go back a bit further.


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.