Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/apihub.trusthub.in.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Renewing an existing certificate for apihub.trusthub.in
Failed to renew certificate apihub.trusthub.in with error: Could not bind TCP port 9100 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/apihub.trusthub.in/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
And now the nginx won't start.:
sudo service nginx status
× nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: en> Active: failed (Result: exit-code) since Sun 2024-03-24 18:14:22 IST; 8s ago
Docs: man:nginx(8)
Process: 7555 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process > Process: 7556 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code> CPU: 44ms
We shouldn't need to free port 80 to use standalone. We should be able to use your running nginx that is already using port 80.
Although, I think the Certbot plugin may have caused nginx to get in a bad state. nginx must always be running before using Certbot --nginx otherwise Certbot starts nginx but in a way that is not compatible with systemd. That is probably why your nginx shows it cannot bind to port 80.
The easiest fix for that is just to restart your server.
Also, what version of Certbot are you on? Please show
That line is why your renewal is failing. Certbot is setting up the nginx server block that is listening on port 9100 for the ACME Challenge response.
But, it looks like you now have a server block on the default port 80 ready for that. I don't even see the port 9100 handled in that nginx config. I see you proxy to that but this nginx isn't handling that port.
I guess the question is which system should be handling the certbot renew? The nginx conf you are showing us or a different system.
@milesli The same error messages often are caused by different things. Please start a new thread and answer the questions on the form you will be shown. That will give the group better info to help you.
@milesli, although your logic to ask for the solution to your similar problem here makes some sense... [I too would like some definite conclusion to this problem]...
Seeing that 27 days have passed since the previous post makes me think that you might get a quicker response/solution by opening your own topic.
Doing both can only help expedite things.