WARNING:certbot.renewal:Attempting to renew cert produced an unexpected error: The nginx plugin

aleon · December 19, 2018, 2:43pm

Hi All,

Been using certbot locally installed on my Deb 9/Nginx webserver and doing manual install of certificate went fine without problems using:

cd /opt/eff.org/certbot/venv/local/bin/
./certbot --nginx -d www.mydomain.com -d mydomain.com

but when trying this through a cronjob and attempting a dry run, I get:
WARNING:certbot.renewal:Attempting to renew cert produced an unexpected error: The nginx plugin is not working; there may be problems with your existing configuration.

The contrab command am using is:
#Dry Run Test Renew
#*/5 * * * * cd /opt/eff.org/certbot/venv/local/bin/ && ./certbot renew --dry-run > /var/log/letsencrypt/certbot-date +\%d\%m\%Y\%H\%M\%S.log 2>&1

Here letsencrypt.log:

2018-12-19 15:25:02,103:DEBUG:certbot.cli:Var dry_run=True (set by user).
2018-12-19 15:25:02,103:DEBUG:certbot.cli:Var server=set(['staging', 'dry_run']) (set by user).
2018-12-19 15:25:02,103:DEBUG:certbot.cli:Var dry_run=True (set by user).
2018-12-19 15:25:02,103:DEBUG:certbot.cli:Var server=set(['staging', 'dry_run']) (set by user).
2018-12-19 15:25:02,104:DEBUG:certbot.cli:Var account=set(['server']) (set by user).
2018-12-19 15:25:02,152:INFO:certbot.renewal:Cert not due for renewal, but simulating renewal for dry run
2018-12-19 15:25:02,152:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2018-12-19 15:25:02,161:DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#nginx): 
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/plugins/disco.py", line 132, in prepare
    self._initialized.prepare()
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 139, in prepare
    raise errors.NoInstallationError
NoInstallationError
2018-12-19 15:25:02,161:DEBUG:certbot.plugins.selection:No candidate plugin
2018-12-19 15:25:02,161:DEBUG:certbot.plugins.selection:No candidate plugin
2018-12-19 15:25:02,162:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
2018-12-19 15:25:02,162:INFO:certbot.main:Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError()
2018-12-19 15:25:02,162:WARNING:certbot.renewal:Attempting to renew cert (www.mydomain.com) from /etc/letsencrypt/renewal/www.mydomain.com.conf produced an unexpected error: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(). Skipping.
2018-12-19 15:25:02,162:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 430, in handle_renewal_request
    main.renew_cert(lineage_config, plugins, renewal_candidate)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1191, in renew_cert
    installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/plugins/selection.py", line 237, in choose_configurator_plugins
    diagnose_configurator_problem("authenticator", req_auth, plugins)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/plugins/selection.py", line 341, in diagnose_configurator_problem
    raise errors.PluginSelectionError(msg)
PluginSelectionError: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError()

So not sure where am going wrong.

Thanks for the advise.

rg305 · December 19, 2018, 2:50pm

Please verify nginx:
nginx -t

aleon · December 19, 2018, 2:52pm

@rg305

wow thats was quick

Here is what I get:

super@host:/home# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

rg305 · December 19, 2018, 2:55pm

Which certbot version is that?
./certbot --version

aleon · December 19, 2018, 2:57pm

super@host:/opt/eff.org/certbot/venv/local/bin# ./certbot --version
certbot 0.27.1

aleon · December 19, 2018, 3:02pm

Think i will go ahead and install certbot-auto from this link https://certbot.eff.org/docs/install.html#alternate-installation-methods

Guess am using an old version of certbot, no longer supporting all the features?

aleon · December 19, 2018, 3:05pm

Dry run using new certbot-auto seems to have done the trick now!!!

super@host:/var/log/letsencrypt# tail -f certbot-19122018160321.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/xxx/fullchain.pem (success)
  /etc/letsencrypt/live/xxy/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

system · January 18, 2019, 3:08pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.