Unable to add file {path} to checkpoint /var/lib/letsencrypt/temp_checkpoint

I ran this command:

sudo certbot --config-dir /shared/config-files/letsencrypt renew --dry-run

It produced this output:

Unable to add file /etc/apache2/sites-enabled/mywebsite.ca.conf to checkpoint /var/lib/letsencrypt/temp_checkpoint

Attempting to renew cert (mywebsite.ca) from /shared/config-files/letsencrypt/renewal/mywebsite.ca.conf produced an unexpected error: Unable to add file /etc/apache2/sites-enabled/mywebsite.ca.conf to checkpoint /var/lib/letsencrypt/temp_checkpoint. Skipping.

  • Running Ubuntu 16.04 (Xenial) with Apache
  • I can log in as root/ssh
  • Certbot used to be ver 0.18 but just did an update to 0.31.0 (after certs had expired, saw I had to update in order to renew)

Please assist me in solving this issue if possible. I tried searching on Google and in the forums for an answer, but didn't quite find anything that looked like a solution. Thank you.

(Also I just inherited this and never used Certbot before, if it matters.)

Is your disk full?

df -h

Could you post the full stack trace associated with this error from /var/log/letsencrypt/letsencrypt.log?

Hey, sorry for the delay.

My disk has plenty of space.
This is the output from /var/log/letsencrypt/letsencrypt.log

2019-07-22 15:33:54,307:DEBUG:certbot.error_handler:Calling registered functions
2019-07-22 15:33:54,307:INFO:certbot.auth_handler:Cleaning up challenges
2019-07-22 15:33:59,101:WARNING:certbot.renewal:Attempting to renew cert (mywebsite.ca-0001) from /shared/config-files/letsencrypt/renewal/mywebsite.ca-0001.conf produced an unexpected error: Unable to add file /etc/apache2/sites-enabled/10-mywebsite.ca.conf to checkpoint /var/lib/letsencrypt/temp_checkpoint. Skipping.
2019-07-22 15:33:59,102:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/reverter.py", line 240, in add_to_checkpoint_dir
cp_dir, os.path.basename(filename) + "
" + str(idx)))
File "/usr/lib/python3.5/shutil.py", line 252, in copy2
copystat(src, dst, follow_symlinks=follow_symlinks)
File "/usr/lib/python3.5/shutil.py", line 219, in copystat
_copyxattr(src, dst, follow_symlinks=follow)
File "/usr/lib/python3.5/shutil.py", line 151, in _copyxattr
names = os.listxattr(src, follow_symlinks=follow_symlinks)
OSError: [Errno 38] Function not implemented: '/etc/apache2/sites-enabled/10-mywebsite.ca.conf'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/plugins/common.py", line 137, in add_to_checkpoint
checkpoint_func(save_files, save_notes)
File "/usr/lib/python3/dist-packages/certbot/reverter.py", line 197, in add_to_temp_checkpoint
self.config.temp_checkpoint_dir, save_files, save_notes)
File "/usr/lib/python3/dist-packages/certbot/reverter.py", line 250, in _add_to_checkpoint_dir
"{1}".format(filename, cp_dir))
certbot.errors.ReverterError: Unable to add file /etc/apache2/sites-enabled/10-mywebsite.ca.conf to checkpoint /var/lib/letsencrypt/temp_checkpoint

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 452, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1193, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 116, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 310, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 353, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 389, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 139, in _solve_challenges
resp = self.auth.perform(all_achalls)
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2281, in perform
http_response = http_doer.perform()
File "/usr/lib/python3/dist-packages/certbot_apache/http_01.py", line 74, in perform
self.configurator.save("HTTP Challenge", True)
File "/usr/lib/python3/dist-packages/certbot_apache/augeas_configurator.py", line 147, in save
self.save_notes, temporary=temporary)
File "/usr/lib/python3/dist-packages/certbot/plugins/common.py", line 139, in add_to_checkpoint
raise errors.PluginError(str(err))
certbot.errors.PluginError: Unable to add file /etc/apache2/sites-enabled/10-mywebsite.ca.conf to checkpoint /var/lib/letsencrypt/temp_checkpoint

2019-07-22 15:33:59,106:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2019-07-22 15:33:59,107:ERROR:certbot.renewal: /shared/config-files/letsencrypt/live/myotherwebsite.ca/fullchain.pem (failure)
/shared/config-files/letsencrypt/live/myotherwebsite.ca-0001/fullchain.pem (failure)
2019-07-22 15:33:59,107:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in
load_entry_point('certbot==0.31.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1365, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1272, in renew
renewal.handle_renewal_request(config)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 477, in handle_renewal_request
len(renew_failures), len(parse_failures)))
certbot.errors.Error: 2 renew failure(s), 0 parse failure(s)

Let me know if you require anything more.

I would also like to add, I noticed there isn’t a temp_checkpoint folder in /var/lib/letsencrypt/

And if I do make one and run the command, it fails and the folder disappears.

There's what looks like the core issue.

What filesystem do you have mounted on /etc? e.g. ext4.

df -PTh /etc/apache2/sites-enabled/

Your mount options from /etc/fstab or mount would be helpful too.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.