Unable to renew. Errors about "not a FQDN"

Help
1

Please fill out the fields below so we can help you better.

My domain is: techonmancy.org, townlands.ie, kindle-maps.com

I ran this command: /root/certbot-auto renew --apache

It produced this output:

2016-09-27 10:43:48,804:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/townlands.ie.conf produced an unexpected error: The apache plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(('There has been an error in parsing the file (%s): %s', u'/etc/apache2/sites-available/certbot.log', u'Syntax error'),). Skipping.

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/technomancy.org.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/www.kindle-maps.com.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/townlands.ie.conf
-------------------------------------------------------------------------------

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/technomancy.org/fullchain.pem (skipped)
  /etc/letsencrypt/live/www.kindle-maps.com/fullchain.pem (skipped)
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/townlands.ie/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)

Additionally this file:

# cat /etc/apache2/sites-available/certbot.log  | sed 's/^/    /g'
Traceback (most recent call last):
  File "/home/rory/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
    sys.exit(main())
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 703, in main
    args = cli.prepare_and_parse_args(plugins, cli_args)
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/cli.py", line 858, in prepare_and_parse_args
    return helpful.parse_args()
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/cli.py", line 362, in parse_args
    parsed_args = self.parser.parse_args(self.args)
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/configargparse.py", line 216, in parse_args
    env_vars = env_vars)
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/configargparse.py", line 349, in parse_known_args
    self, args=args, namespace=namespace)
  File "/usr/lib/python2.7/argparse.py", line 1722, in parse_known_args
    namespace, args = self._parse_known_args(args, namespace)
  File "/usr/lib/python2.7/argparse.py", line 1928, in _parse_known_args
    start_index = consume_optional(start_index)
  File "/usr/lib/python2.7/argparse.py", line 1868, in consume_optional
    take_action(action, args, option_string)
  File "/usr/lib/python2.7/argparse.py", line 1796, in take_action
    action(self, namespace, argument_values, option_string)
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/cli.py", line 988, in __call__
    add_domains(namespace, domain)
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/cli.py", line 1008, in add_domains
    domain = util.enforce_domain_sanity(domain.strip())
  File "/home/rory/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/util.py", line 433, in enforce_domain_sanity
    .format(domain))
ConfigurationError: Requested domain technomancy.org www.technomancy.org is not a FQDN

My operating system is (include version): Ubuntu 14.04 trusty

My web server is (include version): Apache 2.4

My hosting provider, if applicable, is: N/A, I have root on this machine/VM.

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No.

2

Hmm. Looks like Certbot thinks these two names are one thing, with a space in the middle. Is it possible that you've manually edited a configuration file and merged them together, or something like that ?

3

I have’t manually edited any LE config files, or anything like that. When I tried to register it at first, I might have put that into the command line (since I wanted to register the bare domain and the www prefix). I can’t find anything in the config file which includes that string,

4

I have solved this.

If you look carefully, you’ll see that certbot-auto is complaining about the file /etc/apache2/sites-available/certbot.log. Why is there a certbot.log file in /etc/apache2/sites-available/? I don’t know. But it shouldn’t be there. I think certbot is trying to parse that file as an apache config file, and failing (hence the SyntaxError message). I moved that file out of the way, and certbot auto is able to work fine.

I must have made a mistake when setting up certbot and ran it with 2 domains. I presume my cwd was /etc/apache2/sites-available/ and so certbot put a certbot.log file there. Which then broke further runs of certbot.

This is a bug in certbot-auto because any non-apache config file in /etc/apache2/sites-available/ will break certbot.

5

@ebel, @bmw told me that this is an effect of a deliberate feature: if certbot crashes early enough that it couldn’t set up logging in /var/log, it will save its crash log into the current directory in order to avoid having to print a Python traceback.

I guess the benefits of this can be questioned in the kind of situation you encountered, but it seems like it could be useful to people in other circumstances.

6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.