I ran this command: certbot certonly --manual -d ‘*.budgetallocator.com’ --manual-public-ip-logging-ok
It produced this output:
certificate for budgetallocator.com till 2020-09-28
Details are as follows -
Certificate Name: budgetallocator.com
Domains:budgetallocator.com
Expiry Date: 2020-09-28 11:49:59+00:00 (VALID: 89 days)
My web server is (include version): nginx 1.4.6
The operating system my web server runs on is (include version): Ubuntu 14.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): https://cp.dnsmadeeasy.com/
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot 0.26.1
I am trying to renew automatically via crontab using certbot renew but it is not working asking - Could not choose appropriate plugin: authenticator could not be determined or is not installed
authenticator could not be determined or is not installed
Certificates obtained with --manual can normally not be renewed non-interactively from cron, because the renewal also requires manual human interaction, which cron jobs can’t provide. Is it this wildcard certificate that you’re trying to renew, or a different one?
I am trying to renew the certificate as the configuration is already present in my server /etc/letsencrypt/renew/website.conf . It was my mistake I have executed the manual command to renew the certificate instead of certbot renew simple command .
Is there any chance I can try deleting the certificate & get the certificate once again which can be auto renewal by using certbot renew command ?
usually it should be automatically to be renewed when i run certbot renew command . for other sites its working fine but this one i recently mistakenly renewed via manual method as i wasn’t aware of this issue earlier .
However, as Ubuntu 14.04 is now end-of-life and Certbot is no longer published for it, I don’t think you will be able to install that DNS plugin.
If you wish to renew a normal certificate (non-wildcard), you could change the authenticator in the .conf file to something that supports automatic renewal (not manual, something like webroot or nginx).
i found this is the configuration for the wildcard certificate -
Options used in the renewal process
[renewalparams]
authenticator = manual
server = https://acme-v02.api.letsencrypt.org/directory
manual_public_ip_logging_ok = True
account = 9c905520d74
So how do i change it back to something like this
Wildcards are special, and must be authenticated using DNS TXT records. Most likely, you used --manual in the first place because it was the only way to get a wildcard certificate at all.
webroot and nginx cannot be used for wildcard certificates. You must use the DNS Made Easy plugin, or otherwise --manual with an authentication hook/script (automatic renewal), or without (no automatic renewal).
got it , so i was looking into DNS Made Easy plugin & it say to acquire a certificate for example.com
i have to use this -
certbot certonly
–dns-dnsmadeeasy
–dns-dnsmadeeasy-credentials ~/.secrets/certbot/dnsmadeeasy.ini
-d example.com
So how do i aquire a wildcard certificate for *.budgetallocator.com ? Should i do like this ?
certbot certonly
–dns-dnsmadeeasy
–dns-dnsmadeeasy-credentials ~/.secrets/certbot/dnsmadeeasy.ini
-d *.budgetallocator.com