Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: sudo -H ./letsencrypt-auto certonly --apache
It produced this output: Upgrading certbot-auto 1.9.0 to 1.10.0...
Replacing certbot-auto...
Your system is not supported by certbot-auto anymore.
Certbot will no longer receive updates.
My web server is (include version): Apache/2.4.29 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 18.04.5 LTS
My hosting provider, if applicable, is: Rackspace
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0
I was renewing an SSL certificate today, and received this message:
Upgrading certbot-auto 1.9.0 to 1.10.0...
Replacing certbot-auto...
Your system is not supported by certbot-auto anymore.
Certbot will no longer receive updates.
I see that certbot-auto is depreciated, so how am I supposed to keep certbot updated on my Ubuntu server at this point?
Will I need to remove Certbot OS packages and re-install Certbot using snap? Will I be able to run this command to update my certs in the meantime until I am able to do this: ./certbot-auto renew --apache
if I leave certbot as it is currently, it wont receive updates, but will that be a problem with my SSL certificates in the future?
Maybe yes, maybe no. certbot-auto is a self-updating version of certbot, which has essentially been discontinued. LetsEncrypt, the public Service that Certbot communicates with, has had many API changes and will continue to have more changes. At some point in the future, or possibly in the past, your version of Certbot will not be compatible with the LetsEncrypt service.
It takes less than 5 minutes to remove certbot-auto and install snapd + the certbot snap. The new system will still use the existing configuration files and certificates in /etc/letsencrypt
So I'm new to this server, so I'm trying to figure out the best way to solve this. I'm just going by the instructions you sent over to fix the error that I am seeing.
I run this command to create an SSL certificate for my site:
sudo -H ./letsencrypt-auto certonly --apache -d mydomain.com -d www.mydomain.com
Now I'm getting this message every time I run this command:
Your system is not supported by certbot-auto anymore.
Certbot will no longer receive updates.
Please visit https://certbot.eff.org/ to check for other alternatives.
We have about 200 certificates on this server, so I have to use certbot-auto to update them using this command:
./certbot-auto renew --apache
This command will go through and update all of the certificates on the server.
Now that I am getting the above "Certbot will no longer receive updates." message, I'm trying to figure out what to do in order to keep this updated.
In the instructions you sent, there are these instructions for my server:
SSH into the server - Done
Install snapd - This is already installed on my server
Ensure that your version of snapd is up to date - Done
Remove any Certbot OS packages
If you have any Certbot packages installed using an OS package manager like apt, dnf, or yum, you should remove them before installing the Certbot snap to ensure that when you run the command certbot the snap is used rather than the installation from your OS package manager. The exact command to do this depends on your OS, but common examples are sudo apt-get remove certbot, sudo dnf remove certbot, or sudo yum remove certbot.
Do I need to do step 4 above, and then do step 5 below?
Install Certbot
Run this command on the command line on the machine to install Certbot.
Yes. You will just be invoking the new Certbot that snapd manages (which will be in /usr/bin/certbot) instead of the certbot-auto and letsencrypt-auto commands, which are both legacy. the command-line options are the same, and everything should be using /etc/letsencrypt as the data storage.
This is a complicated statement and needs to be cleared up before any following questions can be properly answered. As you seem to have multiple versions of certbot installed.
Because ./ only runs programs from the current directory and certbot is now available from /usr/bin. So you don't need the ./ any longer, just run certbot ...
You shouldn't use the -auto suffix when you're using the regular (snap) installation method of certbot. Also, for renewing using --apacheagain isn't required.
Hey, so I added --apache to these commands because when I ran them it seemed to cut off any other apache connections. So my websites were unavailable until the command finished doing its thing. If I remove --apache from the new command, this wont happen?
