I have a Dockerized server that uses some Let's Encrypt certificates. Originally I had problems getting the Apache authenticator to work properly and in the end the only thing that did work was a manual DNS authentication.
Now it's time to renew the certificates and I got into problems again (I really would like the automated thing to work).
On all renewals I get:
unexpected error: Unable to save to file!. Skipping.
The log output is:
2017-11-07 18:25:31,216:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/certbot/renewal.py", line 425, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python3.6/site-packages/certbot/main.py", line 743, in renew_cert
_get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python3.6/site-packages/certbot/main.py", line 80, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3.6/site-packages/certbot/renewal.py", line 297, in renew_cert
new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
File "/usr/lib/python3.6/site-packages/certbot/client.py", line 318, in obtain_certificate
File "/usr/lib/python3.6/site-packages/certbot/auth_handler.py", line 74, in get_authorizations
resp = self._solve_challenges()
File "/usr/lib/python3.6/site-packages/certbot/auth_handler.py", line 115, in _solve_challenges
resp = self.auth.perform(self.achalls)
File "/usr/lib/python3.6/site-packages/certbot_apache/configurator.py", line 1919, in perform
sni_response = chall_doer.perform()
File "/usr/lib/python3.6/site-packages/certbot_apache/tls_sni_01.py", line 79, in perform
self.configurator.save("Don't lose mod_config changes", True)
File "/usr/lib/python3.6/site-packages/certbot_apache/augeas_configurator.py", line 150, in save
File "/usr/lib/python3.6/site-packages/augeas/init.py", line 482, in save
raise IOError("Unable to save to file!")
OSError: Unable to save to file!
The output here is note very informative. It would be extremely helpful to know what file is actually the problem. I tried to hack away in the python code to try the get a path out, but it was not really possible since the augeas lib is a wrapper for a C lib, and I did not really have the energy to start recompiling that to get some reasonable debug messages out.
I also tried to give the root user all write permissions to the /etc/httpd and /etc/letsencrypt folders, but that didn't help. Perhaps a missing folder somewhere?
Please help me!
EDIT: I want to use the tls challenge with Apache.