Ok, NGINX autorenew certificate, can’t renew, I follow some post in this forum, deleteing all SSL certificates, and executin ssl_certificate.py
I solved with linked to new cert. (Manual)
Later have problem with dns and update external dns:
_25._tcp.xxxxxx.com
_443._tcp.xxxxx.com
Need help to solve Autorenew of certificates.
Thanks in advance.
Ive seen this help with people in the past:
cd /home/user-data/ssl/lets_encrypt/accounts/acme-v02.api.letsencrypt.org/directory
ls
rm -rf <RANDOM DIRECTORY GUID>
Then, go into the web-ui and go to the TLS / ssl certificates
Click the provision button.
Also is your box hosted on VPS or are you behind a firewall/router hosting this yourself?
I’ve seen in the past where Let’s Encrypt will try to trigger the certificate install from servers in other countries and people are blocking other countries via firewall rules, pfBlocker, etc.
Thanks you stylnchris.
Is a VPS but 3 moths ago migrate from forked version for Debian.
Now work fine, but need touched some files a configs.
This night try follow you intructions.
Have this error when press “Provision”
Log:
Saving debug log to /var/log/letsencrypt/letsencrypt.log You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Log of certbot
2024-04-22 20:36:43,130:DEBUG:certbot._internal.main:certbot version: 1.21.0
2024-04-22 20:36:43,130:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-04-22 20:36:43,130:DEBUG:certbot._internal.main:Arguments: ['--non-interactive', '-d', 'autoconfig.ofisolutio.com,autodiscover.ofisolutio.com,mta-sts.box.ofisolutio.com,mta-sts.ofisolutio.com', '--csr', '/tmp/tmp65e02hf1', '--cert-path', '/tmp/tmpwoy3up3n/cert', '--chain-path', '/tmp/tmpwoy3up3n/chain', '--fullchain-path', '/tmp/tmpwoy3up3n/cert_and_chain.pem', '--webroot', '--webroot-path', '/home/user-data/ssl/lets_encrypt/webroot', '--config-dir', '/home/user-data/ssl/lets_encrypt']
2024-04-22 20:36:43,130:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-04-22 20:36:43,145:DEBUG:certbot._internal.log:Root logging level set at 30
2024-04-22 20:36:43,146:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2024-04-22 20:36:43,146:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7f306e47b790>
Prep: True
2024-04-22 20:36:43,147:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7f306e47b790> and installer None
2024-04-22 20:36:43,147:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2024-04-22 20:36:43,147:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/display/ops.py", line 46, in get_email
code, email = display_util.input_text(invalid_prefix + msg if invalid else msg,
File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 124, in input_text
return obj.get_display().input(message, default=default, cli_flag=cli_flag,
File "/usr/lib/python3/dist-packages/certbot/_internal/display/obj.py", line 474, in input
self._interaction_fail(message, cli_flag)
File "/usr/lib/python3/dist-packages/certbot/_internal/display/obj.py", line 413, in _interaction_fail
raise errors.MissingCommandlineFlag(msg)
certbot.errors.MissingCommandlineFlag: Missing command line flag or config entry for this setting:
Enter email address (used for urgent renewal and security notices)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1416, in certonly
le_client = _init_le_client(config, auth, installer)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 763, in _init_le_client
acc, acme = _determine_account(config)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 678, in _determine_account
config.email = display_ops.get_email()
File "/usr/lib/python3/dist-packages/certbot/display/ops.py", line 51, in get_email
raise errors.MissingCommandlineFlag(msg)
certbot.errors.MissingCommandlineFlag: You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags.
2024-04-22 20:36:43,151:ERROR:certbot._internal.log:You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags.
This might fail because registering happens during setup. Now that you have deleted all ssl files, you might need to re-register by running manually: certbot register --register-unsafely-without-email --agree-tos --config-dir $STORAGE_ROOT/ssl/lets_encrypt
$STORAGE_ROOT being probably /home/user-data but might be different in your case.
or re-run setup
sudo mailinabox
I tried everything you tell me here, but since I was very urgent, I made a backup copy and a clean installation on the same server
now work fine.
The problem before are with TLSA.