Trying to renew the certificate gives me error

Help
1

Hi,

I have a domain http://brainoidtech.com which has letsencrypt certificate issued and set to it.

Now the certificate as expired and I am trying to renew it, but keep getting the error -

Could not obtain directory.
Could not obtain directory.
exception ‘Kelunik\Acme\AcmeException’ with message ‘Issuance failed, not all challenges could be solved.’ in /home/brainffw/acme-client/src/Commands/Issue.php:106

After connecting to the server’s ssh from the MacOS terminal, I am using this command to renew in my MacOS terminal -

php acme-client/bin/acme issue --domains brainoidtech.com:www.brainoidtech.com --path /home/brainffw/public_html:/home/brainffw/public_html --server letsencrypt

(I had set a cron job using the same command, but it did not seem to work hence I am trying to do it manually using the terminal)

Can you please help me?

Regards!

2

What acme client are you using?

1 Like
3

This one - https://github.com/kelunik/acme-client/

4

zerobin-attachment
zerobin-attachment.png1561×703 50.4 KB

My hosting provider - resellerclub provided me with this which I followed.

1 Like
5

Have you tried running acme-client auto as per their docs and not running it as you are now?

6

If that doesn’t work, it would be worth trying to find any logs from the client that explain the reason that the challenges could not be solved.

1 Like
7

I did try using acme-client auto to no effect. I am stuck in this unfortunate problem with no possible solution in sight
:frowning_face:

8

Do you mean the server logs? Tried looking into them, did not find anything there either.

Would you please tell me where can I look for the logs you are referring to?

9

Well your certificate has already expired and you now urgently need to renew so personally I would say use the proper certbot client and run it in standalone mode to get your new certificate then you can spend time later diagnosing what’s wrong with your acme-client.

1 Like
10

Yeah, I think you are right, would you please point me to a step by step guide on how to go about it?

Sorry, I am just new to use letsencrypt and ssl certs etc.

Thank you, I appreciate your help!

Regards,
Sanjyot

11 
sudo mkdir /opt/cerbot
cd /opt/certbot
sudo wget https://dl.eff.org/certbot-auto

Then edit the file /etc/letsencrypt/renewal/brainoidtech.com.conf

change the line where it says

authenticator = webroot

to

authenticator = standalone

Stop your web server

Apache >> sudo service apache2 stop
Nginx >> sudo service nginx stop

Then try and renew the cert (make sure you are in the dir /opt/cerbot)

cd /opt/certbot
sudo ./certbot-auto renew

If successful then restart your web server

1 Like
12

I am using a shared linux hosting server. Would not be possible to restart it.

13

Follow the guide but leave out the part about changing /etc/letsencrypt/renewal/brainoidtech.com.conf and simply run

sudo ./certbot-auto renew

So we can see what happens

1 Like
14

sudo command not found

and without sudo there is no permission to perform any actions

15

I think you are going to have to look through any log files for your acme-client to try and fix it. Unfortunately this is the problem with shared hosting environment where you do not have root access.

1 Like
16

Yeah, I guess you are right. This is terribly frustrating. I hope hosting providers provide better support for Lets Encrypt in the future.

1 Like
17

What operating system are you running on, please check with lsb_release -a

1 Like
18

I am running on Linux, that is the only detail they have provided.

I just noticed Outbound Port 80, 443, 465, 587 and 8080 were blocked. I have unblocked them now, let me try to renew the certificate now and will update you.

2 Likes
19

Let me know, holding thumbs for you :wink:

2 Likes
20

Yeah it worked, oh what a trivial issue! Apologies for wasting your time and Thank you for helping me out guys! :slight_smile:
Appreciate the help and your time.
Cheers!

2 Likes