I have a server with currently three websites using Let’s Encrypt. These certs get renewed without issues. Now I would like to generate a cert for the fourth new website. This is what I am getting:
certbot --apache certonly -w /path/to/docroot/ -d subdomain.example.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
An unexpected error occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 313, in ssl_wrap_socket
context.load_verify_locations(ca_certs, ca_cert_dir)
ssl.SSLError: [X509] no certificate or crl found (_ssl.c:3732)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 601, in urlopen
chunked=chunked)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 346, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 852, in _validate_conn
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 326, in connect
ssl_context=context)
File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 315, in ssl_wrap_socket
raise SSLError(e)
urllib3.exceptions.SSLError: [X509] no certificate or crl found (_ssl.c:3732)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 440, in send
timeout=timeout
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 639, in urlopen
_stacktrace=sys.exc_info()[2])
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(185090184, '[X509] no certificate or crl found (_ssl.c:3732)'),))
During handling of the above exception, another exception occurred:
requests.exceptions.SSLError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(185090184, '[X509] no certificate or crl found (_ssl.c:3732)'),))
Please see the logfiles in /var/log/letsencrypt for more details.
This is on an Ubuntu 18.04. The other three certs were created with the same command though last year. I am not sure what is going on. Searching for this error results in conflicting or out of scope suggestions. Any help appreciated.