Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: e-guardian.vn
I ran this command: sudo certbot renew
It produced this output:
Failed to renew certificate e-guardian.vn with error: The manual plugin is not working; th
ere may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-h
ook when using the manual plugin non-interactively.')
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/e-guardian.vn/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
My web server is (include version):
The operating system my web server runs on is (include version): Linux 12
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): AWS Lightsail
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.1.0
It looks like you originally used a manual method to get a cert. You cannot automate manual methods without the hook described. See here: User Guide — Certbot 2.12.0.dev0 documentation
But, now you have Apache running on your system. It would be easier to change from manual to a different method using Apache.
Hello @MikeMcQ Thank you for your reply. I would like to ask I just follow a tutorial on youtube here's the link https://www.youtube.com/watch?v=X9xW6xQw4CE then after that the SSL Certificate went secure again it will expires on December 16 2024. However, when i ran the code you provides. I see these output below, it still shows epired. I am sorry I am new to these I dont have any idea what happened.
Found the following certs:
Certificate Name: e-guardian.vn
Serial Number: 4a4203b2b62de****
Key Type: ECDSA
Domains: e-guardian.vn *.e-guardian.vn
Expiry Date: 2024-09-13 11:09:22+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/e-guardian.vn/fullchain.pem
Private Key Path: /etc/letsencrypt/live/e-guardian.vn/privkey.pem
Sorry, I read your original post too quickly earlier today.
I see now you originally followed some older AWS Docs and got a wildcard cert using Certbot manual method. You could have just repeated those manual steps to get a new wildcard cert. But, that method cannot be auto-renewed.
AWS recommends using bncert tool in Lightsail / Bitnami instances. This works for auto-renew too. And, that YT video walks through the AWS docs to do that. But, bncert cannot get a wildcard cert so you now have a cert with only e-guardian.vn in it. If that is the only domain name you use then you are fine. But, if you also use subdomains (like www) then that cert is not complete.
If this new cert using bncert is good you should delete the older Certbot cert with:
sudo certbot delete --cert-name e-guardian.vn
This will prevent errors being issued about trying to renew a cert with an unsupported method