After ~12 months of renewing certificates, all of my systems are failing to renew with the following error:
Plugins selected: Authenticator apache, Installer apache Renewing an existing certificate Performing the following challenges:
http-01 challenge for X.X.X.X Cleaning up challenges Attempting to renew cert (X.X.X.X) from /etc/letsencrypt/renewal/X.X.X.X.conf produced an unexpected error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80… Skipping.
All renewal attempts failed. The following certs could not be renewed:
There has been no infrastructure change - no firewall, system change - this all used to work flawlessly.
It appears that certbot-auto was auto updated on the 6th of December:
-rwxr-xr-x 1 root root 63562 Dec 6 16:37 /usr/bin/certbot-auto
Port 80 is explicitly disabled on the system by network policies and this used to work flawlessly over the last 12 months not needing port 80 to perform the renewal process.
I have ~10 systems now that are within 15 days of certificate expiry.
Please can someone advise on how to resolve.