Sudo add-apt-repository ppa:certbot/certbot


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: sudo add-apt-repository ppa:certbot/certbot

It produced this output: sudo add-apt-repository ppa:certbot/certbot
This is the PPA for packages prepared by Debian Let’s Encrypt Team and backported for Ubuntu(s).
More info:
Press [ENTER] to continue or Ctrl-c to cancel adding it.
gpg: unknown option ‘show-only’
gpg: invalid import options
Got ‘0’ fingerprints, expected only one
Failed to add key.

My web server is (include version): Apache 2.4.29 Ubuntu

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Google cloud

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


There may not be anyone here who knows how to debug add-apt-repository or GnuPG issues. You might get better results asking on an Ubuntu forum.

Giving it a try…

What do “dpkg -l gnupg2” and “sudo which gpg gpg2” show?


Also could be worth trying to import the key manually:

gpg --search 8C47BE8E75BCA694


Ah… You’re right.

It should be “dpkg -l gnupg”, not “dpkg -l gnupg2”. Though both could be interesting, if something is wrong.


I used the command wget and it worked for me.

Further after running command sudo certbot --apache and selecting my domain I got this error

Can you kindly assist why I got this error.


Hi @Amitjasrotia

curious. Checking your domain I see a good http status 404:

Domainname Http-Status redirect Sec. G 301 0.220 A 301 0.220 E 200 7.297 N
Certificate error: RemoteCertificateChainErrors 200 6.294 N
Certificate error: RemoteCertificateChainErrors 301 0.223 A 301 0.223 E 404 5.937 N
Not Found
Certificate error: RemoteCertificateChainErrors

Letsencrypt checks a file under /.well-known/acme-challenge with a random filename. You have redirects (this isn’t a problem), then a good 404 - not found.

Create the two subdirectories in your webroot (/.well-known/acme-challenge) if they don’t exist, there a file (file name 1234 without extension), then try to load this file via

If that works, you have found your correkt webroot. Then use

certbot run -a webroot -i apache -w yourWebroot -d -d


Thanks, this was helpful.
Site has SSL now.


That option is added in version 2.2.0 of GnuPG. What version of GnuPG do you have?