Dear Mr Schoen.
We revoke a certificate for drgreggpoquetteblog.com
There are not entries for drgreggpoquetteblog.com under any of the directories
/etc/letsencrypt/*
In the mail for the cron job, I see this
No certificate found with name drgreggpoquetteblog.com (expected /etc/letsencrypt/renewal/drgreggpoquetteblog.com.conf)
The system does not give me the “There are not entries …” message ever again, so the system does cleanup after itself.
The start of the 98kb lestencrypt.log
2019-09-18 06:34:47,314:DEBUG:certbot.main:certbot version: 0.31.0
2019-09-18 06:34:47,316:DEBUG:certbot.main:Arguments: [’-q’]
2019-09-18 06:34:47,317:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-09-18 06:34:47,330:DEBUG:certbot.log:Root logging level set at 30
2019-09-18 06:34:47,331:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-09-18 06:34:47,368:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f7b410ab208> and installer <certbot.cli._Default object at 0x7f7b410ab208>
2019-09-18 06:34:47,413:INFO:certbot.renewal:Cert not yet due for renewal
2019-09-18 06:34:47,414:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2019-09-18 06:34:47,435:INFO:certbot.renewal:Cert not yet due for renewal
The entry from the “prior” days log for drgreggpoquetteblog
2019-09-18 06:26:33,162:DEBUG:certbot.main:certbot version: 0.31.0
2019-09-18 06:26:33,163:DEBUG:certbot.main:Arguments: [’-n’, ‘–cert-path’, ‘/etc/letsencrypt/live/drgreggpoquetteblog.com/cert.pem’, ‘–reason’, ‘superseded’]
2019-09-18 06:26:33,164:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-09-18 06:26:33,181:DEBUG:certbot.log:Root logging level set at 20
2019-09-18 06:26:33,182:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-09-18 06:26:33,183:DEBUG:certbot.main:Revoking /etc/letsencrypt/live/drgreggpoquetteblog.com/cert.pem using Account Key
2019-09-18 06:26:33,189:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2019-09-18 06:26:33,191:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2019-09-18 06:26:33,288:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “GET /directory HTTP/1.1” 200 658
2019-09-18 06:26:33,288:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 18 Sep 2019 11:26:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 18 Sep 2019 11:26:33 GMT
Connection: keep-alive
{
“4yKmgcGpsWg”: “Adding random entries to the directory”,
“keyChange”: “https://acme-v02.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
“letsencrypt.org”
],
“termsOfService”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org”
},
“newAccount”: “https://acme-v02.api.letsencrypt.org/acme/new-acct”,
“newNonce”: “https://acme-v02.api.letsencrypt.org/acme/new-nonce”,
“newOrder”: “https://acme-v02.api.letsencrypt.org/acme/new-order”,
“revokeCert”: “https://acme-v02.api.letsencrypt.org/acme/revoke-cert”
}
2019-09-18 06:26:33,289:DEBUG:certbot.main:Reason code for revocation: 4
2019-09-18 06:26:33,289:DEBUG:acme.client:Requesting fresh nonce
2019-09-18 06:26:33,289:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2019-09-18 06:26:33,422:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “HEAD /acme/new-nonce HTTP/1.1” 200 0
2019-09-18 06:26:33,422:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0002k00dUk1Jht4RKA49KETZCQO5g5ew6DwnBXDpLT-Y_-0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Content-Length: 0
Expires: Wed, 18 Sep 2019 11:26:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 18 Sep 2019 11:26:33 GMT
Connection: keep-alive
2019-09-18 06:26:33,423:DEBUG:acme.client:Storing nonce: 0002k00dUk1Jht4RKA49KETZCQO5g5ew6DwnBXDpLT-Y_-0
2019-09-18 06:26:33,423:DEBUG:acme.client:JWS payload:
b’{\n “resource”: “revoke-cert”,\n “certificate”: “MIIFgzCCBGugAwIBAgISA43z1c619oY7ovAb92Tf_md6MA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA4MTMxNjMxNThaFw0xOTExMTExNjMxNThaMCIxIDAeBgNVBAMTF2RyZ3JlZ2dwb3F1ZXR0ZWJsb2cuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5QOle56XtTvzuh7lX8vi2oIU5YXOc0i2P22MB-epoaeUWAqK1GOjJdzjJBcsdN1HZTmbdiJ-bvMFESCjG4-zx-NzRRZDQ52uYwp9S83jkMjb5KaSVSKOCdrd0feTAz3YvJ10rIYZPJTOh-RniuIbvAuYRypjNhYSScNCkD3YG-iHpdES7k8rqBq9u9AgsHgH_UPLK3yHSaX7WAOeVGbUdDQLQnAbr5NtIdo-N1cUoVchZIhSBkmCLoIWAgmjWPmTICOyegSVDd1Vvb95AlW8y_j6xHpcgmENLKiQC8yPXX3hgT22j0aaLfsl4ZuQcGgpuhFGM6MjYyjdEMt6HzT2wIDAQABo4ICiTCCAoUwDgYDVR0PAQH_BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQSqOH_xSTjJL40eA5xhv18BrD9zjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMD8GA1UdEQQ4MDaCF2RyZ3JlZ2dwb3F1ZXR0ZWJsb2cuY29tght3d3cuZHJncmVnZ3BvcXVldHRlYmxvZy5jb20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDiaUuuJujpQAnohhu2O4PUPuf-dIj7pI8okwGd3fHb_gAAAWyMCVd_AAAEAwBHMEUCIQCCMAghs85kMCudTwjOc9o7UPnWd-UAyAj8fvm72Y7NLgIgSqoRAJGJ0e0dWUbn2agACqNmPQTV6KVrkFswiK48zwwAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4-9daY4scdoVEvYjQAAAWyMCVlpAAAEAwBHMEUCIGZ8AFcfL5E3hlCvAo6uAgWIxDbO94QrZk9rdj6i3y3ZAiEA9iOlePxsfZ3AA2rfJ-knENgimAs-pTdTSDpNCgfON3kwDQYJKoZIhvcNAQELBQADggEBAHVWBivqIRzGIpK44n2S2miTDFCA9kFK2py9ODCmglMQ9dPM6iyfUaTcXC6xb0gJoX4lU48FLN00v9BYCsBCJ7OQDdTRLTKk8H8JCFDpBAj4g0w9Nlr4u65L_1hZfz5XWlTiqqusx-JCLy5Kfa0Ld0egMgkNQP2GBm8zHhTZYFW0577WitccMQUIAh_JHUO8sibksFbMhoxLg5PVoztiIc_Cg0XnX1qO7W8ye0KoTulQ_nU1lmwwB4oIMODNTBLfzrKABnf2yc8DGJGl9VbBlVxnzSNJLZs3pj3a_wc3ZVZhhzz0EskEnALDDUbk58aNOazXm7gbtzLbAIsgpPjkZdk”,\n “reason”: 4\n}’
2019-09-18 06:26:33,427:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/revoke-cert:
{
“protected”: “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNTc2NzgyMjciLCAibm9uY2UiOiAiMDAwMmswMGRVazFKaHQ0UktBNDlLRVRaQ1FPNWc1ZXc2RHduQlhEcExULVlfLTAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3Jldm9rZS1jZXJ0In0”,
“signature”: “WKOLHrycbytbmrD3VlDau4LDRRHFYcvfZm35hKKt6qtwFCdsrqjnIIZ1nhO8Mqx6WYEkHTlO_NldcXeyvvnlX77CHmPSpiwtt4iuAFzpaGsLYV5ONTPr35h_OU_b9yCxPTaE2JEA8iDeLpCFlwUflkCtD995f6E_QnMdK4VDoPRha-SK7czqhqn9hhJsbtOlimyup9txJneVeXlkDnpKyyZGL-V_pRS1CqV_-gvMqSFpDHhOU1-VeqnQkVZXy8n0b448VqxyCCwbwKm0KaIubWuIOLbzEQTZW_E4b7EsLzzDSh8KDWPM74r_Xr2PN8KXT5-NC9vAkoracp7DoV8xeQ”,
“payload”: “ewogICJyZXNvdXJjZSI6ICJyZXZva2UtY2VydCIsCiAgImNlcnRpZmljYXRlIjogIk1JSUZnekNDQkd1Z0F3SUJBZ0lTQTQzejFjNjE5b1k3b3ZBYjkyVGZfbWQ2TUEwR0NTcUdTSWIzRFFFQkN3VUFNRW94Q3pBSkJnTlZCQVlUQWxWVE1SWXdGQVlEVlFRS0V3MU1aWFFuY3lCRmJtTnllWEIwTVNNd0lRWURWUVFERXhwTVpYUW5jeUJGYm1OeWVYQjBJRUYxZEdodmNtbDBlU0JZTXpBZUZ3MHhPVEE0TVRNeE5qTXhOVGhhRncweE9URXhNVEV4TmpNeE5UaGFNQ0l4SURBZUJnTlZCQU1URjJSeVozSmxaMmR3YjNGMVpYUjBaV0pzYjJjdVkyOXRNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXQ1UU9sZTU2WHRUdnp1aDdsWDh2aTJvSVU1WVhPYzBpMlAyMk1CLWVwb2FlVVdBcUsxR09qSmR6akpCY3NkTjFIWlRtYmRpSi1idk1GRVNDakc0LXp4LU56UlJaRFE1MnVZd3A5UzgzamtNamI1S2FTVlNLT0NkcmQwZmVUQXozWXZKMTBySVlaUEpUT2gtUm5pdUlidkF1WVJ5cGpOaFlTU2NOQ2tEM1lHLWlIcGRFUzdrOHJxQnE5dTlBZ3NIZ0hfVVBMSzN5SFNhWDdXQU9lVkdiVWREUUxRbkFicjVOdElkby1OMWNVb1ZjaFpJaFNCa21DTG9JV0FnbWpXUG1USUNPeWVnU1ZEZDFWdmI5NUFsVzh5X2o2eEhwY2dtRU5MS2lRQzh5UFhYM2hnVDIyajBhYUxmc2w0WnVRY0dncHVoRkdNNk1qWXlqZEVNdDZIelQyd0lEQVFBQm80SUNpVENDQW9Vd0RnWURWUjBQQVFIX0JBUURBZ1dnTUIwR0ExVWRKUVFXTUJRR0NDc0dBUVVGQndNQkJnZ3JCZ0VGQlFjREFqQU1CZ05WSFJNQkFmOEVBakFBTUIwR0ExVWREZ1FXQkJRU3FPSF94U1RqSkw0MGVBNXhodjE4QnJEOXpqQWZCZ05WSFNNRUdEQVdnQlNvU21wakJIM2R1dWJST2JlbVJXWHY4Nmpzb1RCdkJnZ3JCZ0VGQlFjQkFRUmpNR0V3TGdZSUt3WUJCUVVITUFHR0ltaDBkSEE2THk5dlkzTndMbWx1ZEMxNE15NXNaWFJ6Wlc1amNubHdkQzV2Y21jd0x3WUlLd1lCQlFVSE1BS0dJMmgwZEhBNkx5OWpaWEowTG1sdWRDMTRNeTVzWlhSelpXNWpjbmx3ZEM1dmNtY3ZNRDhHQTFVZEVRUTRNRGFDRjJSeVozSmxaMmR3YjNGMVpYUjBaV0pzYjJjdVkyOXRnaHQzZDNjdVpISm5jbVZuWjNCdmNYVmxkSFJsWW14dlp5NWpiMjB3VEFZRFZSMGdCRVV3UXpBSUJnWm5nUXdCQWdFd053WUxLd1lCQkFHQzN4TUJBUUV3S0RBbUJnZ3JCZ0VGQlFjQ0FSWWFhSFIwY0RvdkwyTndjeTVzWlhSelpXNWpjbmx3ZEM1dmNtY3dnZ0VFQmdvckJnRUVBZFo1QWdRQ0JJSDFCSUh5QVBBQWRnRGlhVXV1SnVqcFFBbm9oaHUyTzRQVVB1Zi1kSWo3cEk4b2t3R2QzZkhiX2dBQUFXeU1DVmRfQUFBRUF3QkhNRVVDSVFDQ01BZ2hzODVrTUN1ZFR3ak9jOW83VVBuV2QtVUF5QWo4ZnZtNzJZN05MZ0lnU3FvUkFKR0owZTBkV1VibjJhZ0FDcU5tUFFUVjZLVnJrRnN3aUs0OHp3d0FkZ0JqOHR2TjZEdk1MTThMY29RblYyc3pwSTFoZDQtOWRhWTRzY2RvVkV2WWpRQUFBV3lNQ1ZscEFBQUVBd0JITUVVQ0lHWjhBRmNmTDVFM2hsQ3ZBbzZ1QWdXSXhEYk85NFFyWms5cmRqNmkzeTNaQWlFQTlpT2xlUHhzZlozQUEycmZKLWtuRU5naW1Bcy1wVGRUU0RwTkNnZk9OM2t3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUhWV0JpdnFJUnpHSXBLNDRuMlMybWlUREZDQTlrRksycHk5T0RDbWdsTVE5ZFBNNml5ZlVhVGNYQzZ4YjBnSm9YNGxVNDhGTE4wMHY5QllDc0JDSjdPUURkVFJMVEtrOEg4SkNGRHBCQWo0ZzB3OU5scjR1NjVMXzFoWmZ6NVhXbFRpcXF1c3gtSkNMeTVLZmEwTGQwZWdNZ2tOUVAyR0JtOHpIaFRaWUZXMDU3N1dpdGNjTVFVSUFoX0pIVU84c2lia3NGYk1ob3hMZzVQVm96dGlJY19DZzBYblgxcU83Vzh5ZTBLb1R1bFFfblUxbG13d0I0b0lNT0ROVEJMZnpyS0FCbmYyeWM4REdKR2w5VmJCbFZ4bnpTTkpMWnMzcGozYV93YzNaVlpoaHp6MEVza0VuQUxERFViazU4YU5PYXpYbTdnYnR6TGJBSXNncFBqa1pkayIsCiAgInJlYXNvbiI6IDQKfQ”
}
2019-09-18 06:26:33,930:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/revoke-cert HTTP/1.1” 200 0
2019-09-18 06:26:33,930:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Length: 0
Boulder-Requester: 57678227
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001DaHDW9s1L8SuwG4Aq_MSfZEpZq0pZuyYuXjapjhkqUg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 18 Sep 2019 11:26:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 18 Sep 2019 11:26:33 GMT
Connection: keep-alive
2019-09-18 06:26:33,931:DEBUG:acme.client:Storing nonce: 0001DaHDW9s1L8SuwG4Aq_MSfZEpZq0pZuyYuXjapjhkqUg
2019-09-18 06:26:36,141:DEBUG:certbot.storage:Removed /etc/letsencrypt/renewal/drgreggpoquetteblog.com.conf
2019-09-18 06:26:36,177:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/drgreggpoquetteblog.com/cert.pem
2019-09-18 06:26:36,177:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/drgreggpoquetteblog.com/privkey.pem
2019-09-18 06:26:36,177:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/drgreggpoquetteblog.com/chain.pem
2019-09-18 06:26:36,177:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/drgreggpoquetteblog.com/fullchain.pem
2019-09-18 06:26:36,179:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/drgreggpoquetteblog.com/README
2019-09-18 06:26:36,211:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/drgreggpoquetteblog.com
2019-09-18 06:26:36,221:DEBUG:certbot.storage:Removed /etc/letsencrypt/archive/drgreggpoquetteblog.com
2019-09-18 06:26:36,933:DEBUG:certbot.main:certbot version: 0.31.0
2019-09-18 06:26:36,935:DEBUG:certbot.main:Arguments: [’-n’, ‘–cert-name’, ‘drgreggpoquetteblog.com’]
2019-09-18 06:26:36,936:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-09-18 06:26:36,952:DEBUG:certbot.log:Root logging level set at 20
2019-09-18 06:26:36,957:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-09-18 06:26:36,958:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.31.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1365, in main
return config.func(config, plugins)
File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1024, in delete
cert_manager.delete(config)
File “/usr/lib/python3/dist-packages/certbot/cert_manager.py”, line 95, in delete
storage.delete_files(config, certname)
File “/usr/lib/python3/dist-packages/certbot/storage.py”, line 316, in delete_files
renewal_filename = renewal_file_for_certname(config, certname)
File “/usr/lib/python3/dist-packages/certbot/storage.py”, line 53, in renewal_file_for_certname
“{1}).”.format(certname, path))
certbot.errors.CertStorageError: No certificate found with name drgreggpoquetteblog.com (expected /etc/letsencrypt/renewal/drgreggpoquetteblog.com.conf).
My logs
Revoking certifcates for : /etc/letsencrypt for entries in /var/www/html/wip/certs/1-deletes-2019-09-18.dat
Deleting Vhost files in : /etc/apache2/sites-enabled for entries in /var/www/html/wip/certs/1-deletes-2019-09-18.dat
asite : drgreggpoquetteblog
cmd1: certbot revoke -n --cert-path /etc/letsencrypt/live/drgreggpoquetteblog.com/cert.pem --reason superseded
opA1
Array
(
[0] =>
[1] => - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[2] => Deleted all files relating to certificate drgreggpoquetteblog.com.
[3] => - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[4] =>
[5] => - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[6] => Congratulations! You have successfully revoked the certificate that was located
[7] => at /etc/letsencrypt/live/drgreggpoquetteblog.com/cert.pem
[8] =>
[9] => - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
)
iretval1 0 opS1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
cmd1: certbot delete -n --cert-name drgreggpoquetteblog.com
opA1
Array
(
)
iretval1 0 opS2
tst for revokes Array
(
)
Deleted file /etc/apache2/sites-enabled/drgreggpoquetteblog-le-ssl.conf
Deleted file /etc/apache2/sites-enabled/drgreggpoquetteblog.conf