[SOLVED] Certbot on Ubuntu - Cron Job Configuration Not Working As Expected - Work when Command is Run in shell

I ran this command:

nslookup acme-v01.api.letsencrypt.org

It produced this output:
acme-v01.api.letsencrypt.org canonical name = api.letsencrypt.org.edgekey.net.
api.letsencrypt.org.edgekey.net canonical name = e981.dscb.akamaiedge.net.
Name: e981.dscb.akamaiedge.net
Address: 104.122.243.227

The operating system is (include version): Ubuntu 14.04.5 LXC

I have a cron job with the following command:
0 10 * * * root certbot -q renew

I have the following error:

error: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url:
+/directory (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection
+object at 0x7f00f8d7a5d0>: Failed to establish a new connection: [Errno -2] Name or service not known',)).
+Skipping.

If I run certbot -q renew from console shell, I can renew a cert without any problem.

I have certbot 0.14.2

What is wrong when i run certbot from cron?

hi @GusevVictor

What do you think is wrong and how would you go about troubleshooting next steps

This particular error has been discussed before and potential reasons why as well as diagnosis steps are available if you search this forum

Andrei

Dear ahaw021, I can’t have any firewall and I can update my cert from console but not from cronjob.

Best regard,
Viktor.

Whenever this error has come up in the past, it’s always related to some kind of firewall, including a host-based firewall, that limits the ability of software on the computer to make outbound connections. Are you positive that you don’t have any kind of software that controls other software’s ability to make outbound network connections from your server?

Dear schoen, there is no problem in certbot at all. I looks like a problem with LXC+Proxmox. I have the following test:

my crontab contains:
0 10 * * * root ping -c2 acme-v01.api.letsencrypt.org ; certbot -q renew

In cron log I see:

ping: unknown host acme-v01.api.letsencrypt.org

Thank a lot for you help to me. I think you can close this topic.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.