Issue renewing certificates

sander-schippers · June 5, 2019, 6:24am

I received the message:

Provisioning TLS certificates for honedimexma.eu, www.honedimexma.eu, prorama.nl, www.prorama.nl, wireless-everywhere.eu, www.wireless-everywhere.eu. error: honedimexma.eu, www.honedimexma.eu, prorama.nl, www.prorama.nl, wireless-everywhere.eu, www.wireless-everywhere.eu: Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None An unexpected error occurred: The server experienced an internal error :: Error retrieving account “https://acme-v02.api.letsencrypt.org/acme/acct/45315719” Please see the logfiles in /var/log/letsencrypt for more details.

In the logfile, the thing I could reproduce is:
HTTP 415

Server: nginx

Content-Type: application/problem+json

Content-Length: 168

Link: <https://acme-v02.api.letsencrypt.org/directory>;rel=“index”

Replay-Nonce: KetcztLFThJbiSCQ-gcf78hQmRVWSn-oA_6W-409-g8

Expires: Fri, 31 May 2019 01:00:25 GMT

Cache-Control: max-age=0, no-cache, no-store

Pragma: no-cache

Date: Fri, 31 May 2019 01:00:25 GMT

Connection: close

{

“type”: “urn:ietf:params:acme:error:malformed”,

“detail”: “Invalid Content-Type header on POST. Content-Type must be “application/jose+json””,

“status”: 415

}

2019-05-31 03:00:25,682:DEBUG:acme.client:Error during a POST-as-GET request, your ACME CA may not support it:

Manually running an update on the MiaB web interface works for now

Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Performing the following challenges: http-01 challenge for honedimexma.eu http-01 challenge for prorama.nl http-01 challenge for wireless-everywhere.eu http-01 challenge for www.honedimexma.eu http-01 challenge for www.prorama.nl http-01 challenge for www.wireless-everywhere.eu Using the webroot path /home/user-data/ssl/lets_encrypt/webroot for all unmatched domains. Waiting for verification… Cleaning up challenges Server issued certificate; certificate written to /tmp/tmp4w4unbn9/cert Cert chain written to 8 Cert chain written to 9 IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /tmp/tmp4w4unbn9/cert_and_chain.pem Your cert will expire on 2019-09-03. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew all of your certificates, run “certbot renew” - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le

I assume it’s something small and not show stopping yet.

Regards,

Sander

alento · June 5, 2019, 12:56pm

Have you installed Certbot outside of the normal install that Mail-in-a-Box does by chance?

It seems that the error is that Certbot could not find the ‘account’ file which could be the case if Certbot was installed independently.

I’d suggest posting this at https://community.letsencrypt.org/ as they would know right away what the issue is.

sander-schippers · June 5, 2019, 8:06pm

No, the system is a completely standard and fresh install, now running about 100 days; it was an upgrade of the V0.30 to V0.40

alento · June 5, 2019, 8:10pm

So would this be the first certificate renewal since the upgrade? I am going to assume that the certs used were the ones in the backups.

Did you take my advice and post on the Let’s Encrypt forum?