I'm trying to renew my certificates and facing the following error
My domain is: hiddendomain.com
I ran this command:
certbot --nginx certonly --cert-name hiddendomain.com -d hiddendomain.com,www.hiddendomain.com
It produced this output:
[root@ip-172-30-0-86 ~]# certbot certonly --cert-name hiddendomain.com -d hiddendomain.com,www.hiddendomain.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Found credentials in shared credentials file: ~/.aws/credentials
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Obtain certificates using a DNS TXT record (if you are using AWS Route53 for
DNS). (dns-route53)
2: Nginx Web Server plugin (nginx)
3: Spin up a temporary webserver (standalone)
4: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-4] then [enter] (press 'c' to cancel): 2
Plugins selected: Authenticator nginx, Installer None
Please choose an account
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: ip-172-30-0-86@2018-05-30T14:41:31Z (f816)
2: ip-172-30-0-86@2018-06-05T10:08:39Z (11dd)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
An unexpected error occurred:
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)
Please see the logfiles in /var/log/letsencrypt for more details.
My web server is: Nginx
The operating system my web server runs on is: Centos 7
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine: Yes, already running as root
The version of my client is 1.11.0
Log File:
2021-10-11 04:48:05,890:DEBUG:certbot._internal.main:certbot version: 1.11.0
2021-10-11 04:48:05,890:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2021-10-11 04:48:05,890:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--cert-name', 'hiddendomain.com', '-d', 'hiddendomain.com,www.hiddendomain.com']
2021-10-11 04:48:05,890:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#certbot-route53:auth,PluginEntryPoint#dns-route53,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-10-11 04:48:05,906:DEBUG:certbot._internal.log:Root logging level set at 20
2021-10-11 04:48:05,906:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-10-11 04:48:05,907:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2021-10-11 04:48:08,179:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x27bda10>
Prep: True
2021-10-11 04:48:08,180:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x27bda10>
Prep: True
2021-10-11 04:48:08,180:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_nginx._internal.configurator.NginxConfigurator object at 0x27bda10> and installer <certbot_nginx._internal.configurator.NginxConfigurator object at 0x27bda10>
2021-10-11 04:48:08,180:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2021-10-11 04:48:09,184:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(status=u'valid', terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(u'mailto:jon@example.com',), key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x15e5510>)>), external_account_binding=None), uri=u'https://acme-v02.api.letsencrypt.org/acme/acct/35816188', new_authzr_uri=None, terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), f81617d0360c7cfb84c917a3147397e2, Meta(creation_host=u'ip-172-30-0-86', register_to_eff=None, creation_dt=datetime.datetime(2018, 5, 30, 14, 41, 31, tzinfo=<UTC>)))>
2021-10-11 04:48:09,186:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-10-11 04:48:09,193:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2021-10-11 04:48:09,509:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 9, in <module>
load_entry_point('certbot==1.11.0', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1421, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1277, in certonly
le_client = _init_le_client(config, auth, installer)
File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 659, in _init_le_client
return client.Client(config, acc, authenticator, installer, acme=acme)
File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 255, in __init__
acme = acme_from_config_key(config, self.account.key, self.account.regr)
File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 43, in acme_from_config_key
return acme_client.BackwardsCompatibleClientV2(net, key, config.server)
File "/usr/lib/python2.7/site-packages/acme/client.py", line 831, in __init__
directory = messages.Directory.from_json(net.get(server).json())
File "/usr/lib/python2.7/site-packages/acme/client.py", line 1168, in get
self._send_request('GET', url, **kwargs), content_type=content_type)
File "/usr/lib/python2.7/site-packages/acme/client.py", line 1118, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 464, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 431, in send
raise SSLError(e, request=request)
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)
2021-10-11 04:48:09,511:ERROR:certbot._internal.log:An unexpected error occurred:
2021-10-11 04:48:09,511:ERROR:certbot._internal.log:SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)