Unable to recover files from /var/lib/letsencrypt/temp_checkpoint


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: gilgamesh.bizitas.net (Also for other domains on same server)

I ran this command: sudo /opt/certbot/certbot-auto certonly --nginx --force-renew -d gilgamesh.bizitas.net

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Unable to recover files from /var/lib/letsencrypt/temp_checkpoint
Incomplete or failed recovery for /var/lib/letsencrypt/temp_checkpoint

My web server is (include version): nginx version: nginx/1.10.3 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 16.04.2 LTS

My hosting provider, if applicable, is: OVH Dedicated

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No


#2

If the site was “broken” due to this failed command, you could try to revert or rollback X amounts of checkpoints:https://certbot.eff.org/docs/using.html


#3

Hi @dattah,

That’s a very unusual error! Would you be willing to share you log file from /var/log/letsencrypt?

Is there any indication of disk errors on this system? (I guess OVH would probably monitor for that themselves?)


#4

Maybe not.


#5

Huh! Well, it would be good to check for disk errors here (maybe with dmesg). The code that produces that particular error message only does so when Python returns an OSError or IOError which is comparatively difficult to get when running with sudo on an undamaged disk and uncorrupted filesystem.


#6

Agreed, I would check the disk; And also CPU, and memory too…


#7

My colleagues thought that this might also not be a sign of a disk error after all, so it would be great to see the log and see if we can figure out anything more.


#8

I am a new user and cannot upload files so please see log file here.


#9

The files does not contain
“gilgamesh” nor
bizitas.net” nor
“incomplete” nor
“unable”.


#10

Please view this file.
Correct log with gilgamesh
https://drive.google.com/file/d/1hzO9h17KGYnAsBL7RVzeQIqTnTBvjUC0/view?usp=sharing


#11

It seems that the last issued cert for gilgamesh was done using standalone:
2019-01-08 19:17:16,311:INFO:certbot.auth_handler:http-01 challenge for gilgamesh.bizitas.net
2019-01-08 19:17:16,312:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2019-01-08 19:17:16,312:DEBUG:acme.standalone:Failed to bind to :80 using IPv4

But this is not what you want to do now; so, please show:
/etc/letsencrypt/renewal/gilgamesh.bizanova.com.conf
[maybe we can modify it to fit your current need]


#12

It seems gilgamesh is not the only config affected by a previous standalone issuance:

2019-01-08 19:17:12,481:WARNING:certbot.renewal:Attempting to renew cert (mis.bizitas.com) from /etc/letsencrypt/renewal/mis.bizitas.com.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:14,444:WARNING:certbot.renewal:Attempting to renew cert (www.fawheels.co.uk) from /etc/letsencrypt/renewal/www.fawheels.co.uk.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:16,313:WARNING:certbot.renewal:Attempting to renew cert (gilgamesh.bizitas.net) from /etc/letsencrypt/renewal/gilgamesh.bizitas.net.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:18,301:WARNING:certbot.renewal:Attempting to renew cert (wardworth.bizitas.net) from /etc/letsencrypt/renewal/wardworth.bizitas.net.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:20,260:WARNING:certbot.renewal:Attempting to renew cert (rmshop.bizitas.net) from /etc/letsencrypt/renewal/rmshop.bizitas.net.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:22,130:WARNING:certbot.renewal:Attempting to renew cert (meatlinetst.bizitas.net) from /etc/letsencrypt/renewal/meatlinetst.bizitas.net.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:24,071:WARNING:certbot.renewal:Attempting to renew cert (fawheels.co.uk) from /etc/letsencrypt/renewal/fawheels.co.uk.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:25,920:WARNING:certbot.renewal:Attempting to renew cert (www.bizitas.com) from /etc/letsencrypt/renewal/www.bizitas.com.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:28,118:WARNING:certbot.renewal:Attempting to renew cert (fawheelstst.bizitas.net) from /etc/letsencrypt/renewal/fawheelstst.bizitas.net.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:29,891:WARNING:certbot.renewal:Attempting to renew cert (selfcair.bizitas.net) from /etc/letsencrypt/renewal/selfcair.bizitas.net.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:31,839:WARNING:certbot.renewal:Attempting to renew cert (www.royalmarinesshop.com) from /etc/letsencrypt/renewal/www.royalmarinesshop.com.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.

2019-01-08 19:17:33,763:WARNING:certbot.renewal:Attempting to renew cert (selfcairtst.bizitas.net) from /etc/letsencrypt/renewal/selfcairtst.bizitas.net.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.