Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer nginx
Renewing an existing certificate
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/ssltesting.notionjoy.io
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/ssltesting.notionjoy.io
Your existing certificate has been successfully renewed, and the new certificate
has been installed.
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/ssltesting.notionjoy.io/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/ssltesting.notionjoy.io/privkey.pem
Your cert will expire on 2021-12-01. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew all of
your certificates, run "certbot renew"
If you like Certbot, please consider supporting our work by:
Now, I get result
server_name ssltesting.notionjoy.io;
ssl_certificate /etc/letsencrypt/live/ssltesting.notionjoy.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ssltesting.notionjoy.io/privkey.pem; # managed by Certbot
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for 7phut.vuahieusuat.vn
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (7phut.vuahieusuat.vn) from /etc/letsencrypt/renewal/7phut.vuahieusuat.vn.conf produced an unexpected error: Failed authorization procedure. 7phut.vuahieusuat.vn (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://7phut.vuahieusuat.vn/.well-known/acme-challenge/Mvlqzb67afGJsBLwjSa4eSmd-NttJ4gM9d6dGyjthUA [3.213.80.151]: "\r\n404 Not Found\r\n<body bgcolor="white">\r\n
404 Not Found
\r\n". Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/7phut.vuahieusuat.vn/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/7phut.vuahieusuat.vn/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
sudo certbot -i nginx --webroot -n --redirect -w /var/www/linkjoy/public -d link.gridle.io
We use this command to generate SSL certificate and it is working
Can you give me renew command with webroot to renew any particular SSL?
Which command do I have to put in Cronjob to make the renewal process automatic?
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for accounts.brandmojo.pw
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (accounts.brandmojo.pw) from /etc/letsencrypt/renewal/accounts.brandmojo.pw.conf produced an unexpected error: Failed authorization procedure. accounts.brandmojo.pw (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://accounts.brandmojo.pw/.well-known/acme-challenge/1TY6no00WjJDWta4-D8swXNNOYbdQhwd_3PeC2P80-0 [3.213.80.151]: "\r\n404 Not Found\r\n<body bgcolor="white">\r\n
We are going in a circle.
I've answered that question.
You need to use an authentication method that works (like: --webroot)
OR
Fix the problem that makes --nginx authentication fail.
Then AFTER it is working, the cron job with certbot renew will renew your certs automatically.