Weird behaviour of letsencrypt after domain change

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: meet.musashi.ninja -old meet.uhlhosting.ch

I ran this command:

root@meet:/etc/nginx# letsencrypt certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: meet.uhlhosting.ch
    Domains: meet.uhlhosting.ch
    Expiry Date: 2022-06-25 02:00:17+00:00 (VALID: 75 days)
    Certificate Path: /etc/letsencrypt/live/meet.uhlhosting.ch/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/meet.uhlhosting.ch/privkey.pem
root@meet:/etc/nginx# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: meet.uhlhosting.ch
    Domains: meet.uhlhosting.ch
    Expiry Date: 2022-06-25 02:00:17+00:00 (VALID: 75 days)
    Certificate Path: /etc/letsencrypt/live/meet.uhlhosting.ch/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/meet.uhlhosting.ch/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

It produced this output:

My web server is (include version): nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 20.04.4 LTS \n \l

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.40.0

The issue is that no matter what command I tried, it told me the plugin is not installed. Yet the certificates gets renewed without issues on old server meet.uhlhosting.ch , this is a clone with replaced ip and hostname.

root@meet:/etc/nginx# letsencrypt --nginx -d meet.musashi.ninja
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The requested nginx plugin does not appear to be installed
root@meet:/etc/nginx#

How does the certificate gets renewed in nginx, when it tells me the plugin is not there? And how to remediate?

1 Like

Welcome to the community @UHLHosting

With your ubuntu system you should be using the snap install for certbot. The nginx plug-in is included in it.

3 Likes

Maybe your previous certificate wasn't issued using the nginx plugin.

4 Likes

Interesting...
Please show:

  • letsencrypt --version
  • which letsencrypt
3 Likes

I see he got his cert for his new domain early yesterday afternoon - about 5 hours after @rg305's post - but it's only for his subdomain and not the apex.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.