Unable to find pre-hook command


#1

Hi All,

I got a really strange issue, and can’t find to get to the bottom of the problem. For some reason i got the error on what ever command i execute that the pre-hook command is not find in the PATH. Could someone guide me to get to the bottom of the case how to solve this?

My domain is:
fotoautofocus.nl
I ran this command:
sudo certbot --cert-name fotoautofocus.nl --apache --preferred-challenges http
It produced this output:
Unable to find pre-hook command /root/bin/certbot-pre in the PATH.
(PATH is /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/vincent/.local/bin:/home/vincent/bin)
My web server is (include version):
Apache httpd-2.4.6-88.el7.centos.x86_64
The operating system my web server runs on is (include version):
Centos 7
My hosting provider, if applicable, is:
BladeVPS transip
I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


#2

For extra info by using the --disable-hook-validation i got the following output:

Hook command “/root/bin/certbot-pre” returned error code 127
Error output from certbot-pre:
/bin/sh: /root/bin/certbot-pre: No such file or directory

Renewing an existing certificate
Performing the following challenges:
http-01 challenge for fotoautofocus.nl
Waiting for verification…
Cleaning up challenges
Dry run: skipping deploy hook command: /root/bin/certbot-renew


new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/fotoautofocus.nl/fullchain.pem



** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/fotoautofocus.nl/fullchain.pem (success)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)


Running post-hook command: /root/bin/certbot-post
Hook command “/root/bin/certbot-post” returned error code 127
Error output from certbot-post:
/bin/sh: /root/bin/certbot-post: No such file or directory


#3

Hi,

It seems that you’ve specified pre & post hook when you request those certificates, did you specify it by yourself?

Is there any files / directory on /root/bin/certbot-post & /root/bin/certbot-pre?

Thank you


#4

Also:

sudo find /etc/letsencrypt/renewal-hooks
sudo grep -R certbot-post /etc/letsencrypt/renewal

#6

There are no files on /root/bin/certbot-post

sudo find / -name certbot:
/etc/sysconfig/certbot
/usr/bin/certbot
/usr/lib/python2.7/site-packages/certbot

sudo find /etc/letsencrypt/renewal-hooks
/etc/letsencrypt/renewal-hooks
/etc/letsencrypt/renewal-hooks/pre
/etc/letsencrypt/renewal-hooks/deploy
/etc/letsencrypt/renewal-hooks/post

sudo grep -R certbot-post /etc/letsencrypt/renewal:
/etc/letsencrypt/renewal/fotoautofocus.nl.conf:post_hook = /root/bin/certbot-post
/etc/letsencrypt/renewal/mail.fotoautofocus.nl.conf:post_hook = /root/bin/certbot-post


#7

So at some point, you (or someone) setup these post-renewal hooks to perform some task.

If you know what they did, you can re-create them. Otherwise, you can just remove these lines from these files to avoid the error.

These are definitely customizations and not part of the default operation of Certbot.


#8

I did it myself by following a guide how to set up Letsencrypt on CentOs7 with Apache.

So i will try to delete the lines now


#9

Also check if they’re being specified in /etc/letsencrypt/cli.ini.


#10

Perhaps you got them from this tutorial: https://aoeex.com/phile/postfix-dovecot-and-lets-encrypt-certificates/

You can find the certbot-post file contents in there.


#11

yeah. does the file with the script need to be from a certain name?