Got this Email Notice: Error Provisioning TLS Certificate

How to force auto renew via CLI command?
My Host Cert will expire on August 18.

Do you have more detail than that? Error logs?

That’s all I got from Email.
And I just verify it by looking at my certificate, and it’s not being updated/renew.

OK We need logs from the system though, you will need to use SSH and grab logs from /var/log use google if you need help with that.

Login is simple, putty is an SSH client you can use.

My question is this.
Is it possible?

On versions of MIAB < 0.28 you cannot exactly force it I don’t think.


Run management/

1 Like

Seems to work fine:

    The domain has a valid certificate already. (The certificate expires in 15 days on 08/18/18. Certificate: 
    /home/user-data/ssl/, private key /home/user- 

I don’t recall if there’s a way to force renewal (you could take a peek at the source code of that file), but it doesn’t appear that there’s a problem. It should autorenew closer to the expiration date.


Certificate was successfully renewed, but still I got this Email Notice.

[] Error Provisioning TLS Certificate

  • Stopping Postfix Mail Transport Agent postfix
  • Starting Postfix Mail Transport Agent postfix
    dovecot stop/waiting
    dovecot start/running, process 29268
  • Reloading nginx configuration nginx
    Provisioning TLS certificates for,,
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator webroot, Installer None
    Performing the following challenges:
    http-01 challenge for
    http-01 challenge for
    http-01 challenge for
    Using the webroot path /home/user-data/ssl/lets_encrypt/webroot for all unmatched domains.
    Waiting for verification…
    Cleaning up challenges
    Server issued certificate; certificate written to /tmp/tmp8zpvo5_z/cert
    Cert chain written to 10
    Cert chain written to 11
  • Congratulations! Your certificate and chain have been saved at:
    Your cert will expire on 2018-11-01. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew all of your certificates, run
    “certbot renew”

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt: Donate - Let's Encrypt
    Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation

updating primary certificate
mail services restarted
web updated

I just received the same headline email
[] Error Provisioning TLS Certificate

Yet details showed the certificate completed properly. I also note that this particular domain I added to Miab doesn’t have a website yet (like others) so perhaps this relates to an initial TLS warning status at the time the cert was requested.

Per JoshDate I’ll plan to run this again once I finish the site

I’ve seen this happening in every version of mailinabox. It seems in post_install_func the line system_ssl_certificate = os.path.join(os.path.join(env["STORAGE_ROOT"], 'ssl', 'ssl_certificate.pem')) is wrong.

I agree that having two os.path.join seems odd but it does not appear to have any ill effect. Whether you use one or two os.path.join, the variable always gets the same value (/home/user-data/ssl/ssl_certificate.pem). I don’t think this is the source of this error message.