
can not renew certs #3920

Open
SvenPausH opened this issue Aug 8, 2024 · 4 comments
@SvenPausH

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    • Yes
  • Are you sure you're not using someone else's docker image?
    • Yes
  • Have you searched for similar issues (both open and closed)?
    • Yes

Describe the bug

Renewing a cert shows an error: "Internal Error"

Nginx Proxy Manager Version

v2.11.3 © 2024

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'SSL Certificates'
  2. Click on 'Renew Certificate'
  3. See error -> Internal Error

Expected behavior

`2024-08-08 14:59:15,467:DEBUG:certbot._internal.main:certbot version: 2.11.0
2024-08-08 14:59:15,467:DEBUG:certbot._internal.main:Location of certbot entry point: /opt/certbot/bin/certbot
2024-08-08 14:59:15,467:DEBUG:certbot._internal.main:Arguments: ['--force-renewal', '--config', '/etc/letsencrypt.ini', '--work-dir', '/tmp/letsencrypt-lib', '--logs-dir', '/tmp/letsencrypt-log', '--cert-name', 'npm-23', '--preferred-challenges', 'dns,http', '--no-random-sleep-on-renew', '--disable-hook-validation']
2024-08-08 14:59:15,468:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-08-08 14:59:15,503:DEBUG:certbot._internal.log:Root logging level set at 30
2024-08-08 14:59:15,505:DEBUG:certbot._internal.display.obj:Notifying user: Processing /etc/letsencrypt/renewal/npm-23.conf
2024-08-08 14:59:15,508:DEBUG:certbot.configuration:Var pref_challs=['dns-01', 'http-01'] (set by user).
2024-08-08 14:59:15,509:DEBUG:certbot._internal.plugins.selection:Requested authenticator None and installer None
2024-08-08 14:59:15,509:DEBUG:certbot.configuration:Var preferred_chain=ISRG Root X1 (set by user).
2024-08-08 14:59:15,509:DEBUG:certbot.configuration:Var key_type=ecdsa (set by user).
2024-08-08 14:59:15,509:DEBUG:certbot.configuration:Var elliptic_curve=secp384r1 (set by user).
2024-08-08 14:59:15,509:DEBUG:certbot.configuration:Var webroot_path=['/data/letsencrypt-acme-challenge'] (set by user).
2024-08-08 14:59:15,510:DEBUG:certbot.configuration:Var webroot_map={'webroot_path'} (set by user).
2024-08-08 14:59:15,510:DEBUG:certbot.configuration:Var webroot_path=['/data/letsencrypt-acme-challenge'] (set by user).
2024-08-08 14:59:15,542:DEBUG:certbot._internal.renewal:Auto-renewal forced with --force-renewal...
2024-08-08 14:59:15,542:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2024-08-08 14:59:15,542:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Saves the necessary validation files to a .well-known/acme-challenge/ directory within the nominated webroot path. A seperate HTTP server must be running and serving files from the webroot path. HTTP challenge only (wildcards not supported).
Interfaces: Authenticator, Plugin
Entry point: EntryPoint(name='webroot', value='certbot._internal.plugins.webroot:Authenticator', group='certbot.plugins')
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7f7f612590>
Prep: True
2024-08-08 14:59:15,543:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7f7f612590> and installer None
2024-08-08 14:59:15,543:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2024-08-08 14:59:15,861:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/773988146', new_authzr_uri=None, terms_of_service=None), f55afaae3cb6f26118163d6b0d80a4ac, Meta(creation_dt=datetime.datetime(2022, 10, 13, 8, 45, 59, tzinfo=), creation_host='384d937800d8', register_to_eff=None))>
2024-08-08 14:59:15,863:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-08-08 14:59:15,867:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-08-08 14:59:16,344:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 746
2024-08-08 14:59:16,345:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 08 Aug 2024 14:59:16 GMT
Content-Type: application/json
Content-Length: 746
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"1CzWEwQ2nt8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-08-08 14:59:16,347:DEBUG:certbot._internal.display.obj:Notifying user: Renewing an existing certificate for pic.mydomain.de
2024-08-08 14:59:16,354:DEBUG:acme.client:Requesting fresh nonce
2024-08-08 14:59:16,354:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-08-08 14:59:16,498:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-08-08 14:59:16,499:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 08 Aug 2024 14:59:16 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: Cb9-D9qJ4P2deq23MlUwfzuu9Y9Pliu_chLUtoHw3tazw6JkgUU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

2024-08-08 14:59:16,499:DEBUG:acme.client:Storing nonce: Cb9-D9qJ4P2deq23MlUwfzuu9Y9Pliu_chLUtoHw3tazw6JkgUU
2024-08-08 14:59:16,499:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "pic.mydomain.de"\n }\n ]\n}'
2024-08-08 14:59:16,508:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzczOTg4MTQ2IiwgIm5vbmNlIjogIkNiOS1EOXFKNFAyZGVxMjNNbFV3Znp1dTlZOVBsaXVfY2hMVXRvSHczdGF6dzZKa2dVVSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIn0",
"signature": "e9U7fr0RjlsPMRV1ZxyLfO32kyEb1ISEjykFfFvbvoCRlTLhBjIxy1QJFtkz08OL2fkKW4eDwCT0kBuvhRpn0g7JZjTUHDfWYral32Xpqn8bO4ulVDMPYGH8tlKjRd9j6Z3eKDvZjxnPF2-YCn3rf7V2V_-wF_qh5bIk5wt-Sr7h9vM87k3ZvRNNjvvWJp9-8EutQG9s2VKUXO4NwF3TxbQS6WOBOSBGLxIgYDydKU1r6fG5iC-kEsgOLkNZQBu25porAHMZC_P3BJvOFMJQ17NaBN_48YvUwnhLbMJSp_0XUga19ytVMoLXHOmTG68sqJKsjhRrimd2pZZvbOztzg",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInBpYy5wYXN0b3Jpay5kZSIKICAgIH0KICBdCn0"
}
2024-08-08 14:59:17,291:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 340
2024-08-08 14:59:17,292:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 08 Aug 2024 14:59:17 GMT
Content-Type: application/json
Content-Length: 340
Connection: keep-alive
Boulder-Requester: 773988146
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/773988146/294531182696
Replay-Nonce: Cb9-D9qJq9X-m9loBjTfktREkxVlejzK8xo9hsq8i101hJg6jIQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"status": "pending",
"expires": "2024-08-15T14:59:16Z",
"identifiers": [
{
"type": "dns",
"value": "pic.mydomain.de"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/387696897956"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/773988146/294531182696"
}
2024-08-08 14:59:17,292:DEBUG:acme.client:Storing nonce: Cb9-D9qJq9X-m9loBjTfktREkxVlejzK8xo9hsq8i101hJg6jIQ
2024-08-08 14:59:17,292:DEBUG:acme.client:JWS payload:
b''
2024-08-08 14:59:17,298:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/387696897956:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzczOTg4MTQ2IiwgIm5vbmNlIjogIkNiOS1EOXFKcTlYLW05bG9CalRma3RSRWt4VmxlanpLOHhvOWhzcThpMTAxaEpnNmpJUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMzg3Njk2ODk3OTU2In0",
"signature": "hB3VgDBvOkCTG067FG7i7UfJY1-FgS9cQHGzjlZPshdcRs3N-8eAa977dIKZd5ZwSyxprl4Gz8ZU7cHkBVAnWjiFmsRqkDsgJOH45KZnyvJl4jiWEHo89-TZGlR_mSr3Cs-oKwt0Env9C7KOjjHAhEkSY7fioeeK4Mgay5arijxslHbljmagnLVEqlJDx9fOYRcnythvVBCONhrdnn1LDsaY-co7rcOAIjm_vJ1xCBn6pSP5aeGMHpIun9WTE3FYKLNK2dh1eeCxCtWhBh4otb0weY9C07SCfboViTBlZeJ5QkO0tiB12IWxw7v-J67e0Ac-x5l22wghFdgLuAt2fQ",
"payload": ""
}
2024-08-08 14:59:17,447:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/387696897956 HTTP/1.1" 200 799
2024-08-08 14:59:17,448:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 08 Aug 2024 14:59:17 GMT
Content-Type: application/json
Content-Length: 799
Connection: keep-alive
Boulder-Requester: 773988146
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 5Y8sbQiPbs06_cbJFqdsLCY7-zvMjXmOpcUjvCJxKm8o2hoALA0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "pic.mydomain.de"
},
"status": "pending",
"expires": "2024-08-15T14:59:16Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/387696897956/LrWWnQ",
"status": "pending",
"token": "SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck"
},
{
"type": "dns-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/387696897956/dWfSPQ",
"status": "pending",
"token": "SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck"
},
{
"type": "tls-alpn-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/387696897956/QdlG1w",
"status": "pending",
"token": "SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck"
}
]
}
2024-08-08 14:59:17,448:DEBUG:acme.client:Storing nonce: 5Y8sbQiPbs06_cbJFqdsLCY7-zvMjXmOpcUjvCJxKm8o2hoALA0
2024-08-08 14:59:17,449:INFO:certbot._internal.auth_handler:Performing the following challenges:
2024-08-08 14:59:17,449:INFO:certbot._internal.auth_handler:http-01 challenge for pic.mydomain.de
2024-08-08 14:59:17,450:INFO:certbot._internal.plugins.webroot:Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
2024-08-08 14:59:17,450:DEBUG:certbot._internal.plugins.webroot:Creating root challenges validation dir at /data/letsencrypt-acme-challenge/.well-known/acme-challenge
2024-08-08 14:59:17,452:DEBUG:certbot._internal.plugins.webroot:Attempting to save validation to /data/letsencrypt-acme-challenge/.well-known/acme-challenge/SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck
2024-08-08 14:59:17,452:DEBUG:acme.client:JWS payload:
b'{}'
2024-08-08 14:59:17,459:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/387696897956/LrWWnQ:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzczOTg4MTQ2IiwgIm5vbmNlIjogIjVZOHNiUWlQYnMwNl9jYkpGcWRzTENZNy16dk1qWG1PcGNVanZDSnhLbThvMmhvQUxBMCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMzg3Njk2ODk3OTU2L0xyV1duUSJ9",
"signature": "EJ2vQeoOnoQk2t9eeOzJ6mrP3iT7os4Yc3yq2jvCYuyMD-M7LZj1Vpj9YtAAf2P5KBEW-24AjApTiL0ry6oOUO_QujqWA6gcrPjhsG9_Dcoq9tPCp8_ZiGutiznyHinfz1IvNE3fiNTI-djSx8agV-7pdv4L_WF--53zzYUOxgTNplXY0K7BtzXvfk_fmxgzwBTZMt9XRFhNu-5f8f2-ncXehD5GZOLD-Sm5q7FfCaMZ4lsUVMh_I7CtEH3rGkKpaapcFHA26s5mE_9q6AgRURG1cgj-Mb3QUBjOLiU73wb1GekCwygXNfGEC5PnLJcPUkafnnTQiqcrlBXbY7jzJw",
"payload": "e30"
}
2024-08-08 14:59:17,608:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/387696897956/LrWWnQ HTTP/1.1" 200 187
2024-08-08 14:59:17,608:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 08 Aug 2024 14:59:17 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 773988146
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index", https://acme-v02.api.letsencrypt.org/acme/authz-v3/387696897956;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/387696897956/LrWWnQ
Replay-Nonce: Cb9-D9qJ4WUuIMjnH_4Uro9L9Z9FTps9RIO5FyMyEIoWv7LaidY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"type": "http-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/387696897956/LrWWnQ",
"status": "pending",
"token": "SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck"
}
2024-08-08 14:59:17,609:DEBUG:acme.client:Storing nonce: Cb9-D9qJ4WUuIMjnH_4Uro9L9Z9FTps9RIO5FyMyEIoWv7LaidY
2024-08-08 14:59:17,609:INFO:certbot.internal.auth_handler:Waiting for verification...
2024-08-08 14:59:18,610:DEBUG:acme.client:JWS payload:
b''
2024-08-08 14:59:18,616:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/387696897956:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzczOTg4MTQ2IiwgIm5vbmNlIjogIkNiOS1EOXFKNFdVdUlNam5IXzRVcm85TDlaOUZUcHM5UklPNUZ5TXlFSW9XdjdMYWlkWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMzg3Njk2ODk3OTU2In0",
"signature": "oFbOEqQ6thizrT0RYbF_ig3Ibe_vWD7zobP-ljLInwIklSTbhFi0XK2xyBowCapN_c9Kn3tvjhVLlAuMeqyRYYWhC1n6L35z7adWL9TvmciLq54DBW3SgJ-f8gxc70ReSUVS3Sjw-Oup7XD_7YjIsO-MUAim0fGAkNvwYfxDxAhQecV8mclDqkzK01vAiyjfEVn4CqHeyV4l_FKwlo6UhNC59bxFGk0Gwre1ys7CgyWNtGVVA9h-VXpTZTLkNF_X0LTO
-WR4iqYUj0Qsny8KvtKZ_P-emgyjnXvnp7MrbzCNC4CfFQ6H5OJgjqOnVtfQFnjOz2UGvsjdpCyoG_f_g",
"payload": ""
}
2024-08-08 14:59:18,765:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/387696897956 HTTP/1.1" 200 1028
2024-08-08 14:59:18,765:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 08 Aug 2024 14:59:18 GMT
Content-Type: application/json
Content-Length: 1028
Connection: keep-alive
Boulder-Requester: 773988146
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 5Y8sbQiPXfHnKzyC4rIF7UbAQNWuqPOxQcLnx1c8HhSBUlwnLr8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "pic.mydomain.de"
},
"status": "invalid",
"expires": "2024-08-15T14:59:16Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/387696897956/LrWWnQ",
"status": "invalid",
"validated": "2024-08-08T14:59:17Z",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "93.236.129.34: Fetching http://pic.mydomain.de/.well-known/acme-challenge/SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck: Connection refused",
"status": 400
},
"token": "SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck",
"validationRecord": [
{
"url": "http://pic.mydomain.de/.well-known/acme-challenge/SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck",
"hostname": "pic.mydomain.de",
"port": "80",
"addressesResolved": [
"93.236.129.34"
],
"addressUsed": "93.236.129.34"
}
]
}
]
}
2024-08-08 14:59:18,766:DEBUG:acme.client:Storing nonce: 5Y8sbQiPXfHnKzyC4rIF7UbAQNWuqPOxQcLnx1c8HhSBUlwnLr8
2024-08-08 14:59:18,766:INFO:certbot._internal.auth_handler:Challenge failed for domain pic.mydomain.de
2024-08-08 14:59:18,767:INFO:certbot._internal.auth_handler:http-01 challenge for pic.mydomain.de
2024-08-08 14:59:18,767:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: pic.mydomain.de
Type: connection
Detail: 93.236.129.34: Fetching http://pic.mydomain.de/.well-known/acme-challenge/SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck: Connection refused

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

2024-08-08 14:59:18,769:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2024-08-08 14:59:18,769:DEBUG:certbot._internal.error_handler:Calling registered functions
2024-08-08 14:59:18,769:INFO:certbot._internal.auth_handler:Cleaning up challenges
2024-08-08 14:59:18,769:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/SestVymotDQQxtKxeg7GYzfsedse8xJlZRFstS1BVck
2024-08-08 14:59:18,770:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2024-08-08 14:59:18,770:ERROR:certbot._internal.renewal:Failed to renew certificate npm-23 with error: Some challenges have failed.
2024-08-08 14:59:18,774:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/renewal.py", line 540, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1550, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 131, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/renewal.py", line 399, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2024-08-08 14:59:18,779:DEBUG:certbot._internal.display.obj:Notifying user:


2024-08-08 14:59:18,780:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed:
2024-08-08 14:59:18,781:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/npm-23/fullchain.pem (failure)
2024-08-08 14:59:18,781:DEBUG:certbot._internal.display.obj:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2024-08-08 14:59:18,781:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/opt/certbot/bin/certbot", line 8, in
sys.exit(main())
^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1894, in main
return config.func(config, plugins)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1642, in renew
renewed_domains, failed_domains = renewal.handle_renewal_request(config)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/renewal.py", line 568, in handle_renewal_request
raise errors.Error(
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2024-08-08 14:59:18,784:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s)`

logfile /tmp/letsencrypt-log

Operating System

Rpi4 raspbian x64

Additional context

@SvenPausH SvenPausH added the bug label Aug 8, 2024
@SvenPausH

Hello, after rebooting my router, certs can be created. WTF

@franconianmetal

franconianmetal commented Aug 12, 2024

Facing the same problem. Renewal fails.
Reboot of router/nginx doesn't fix the problem.

EDIT:
By chance found this:
https://letsencrypt.org/docs/duplicate-certificate-limit/

Was able to renew certs for duckdns aliases in a bunch of new-cert requests (add aliases for 1 certificate).
After that I reassigned the renewed certificate collections to each host and deleted the old close-to-expiring certs.

@jo-pouradier

Hello, got the same issue. Which DNS are you using? If it's Cloudflare, deactivate the Cloudflare proxy (test, but wait a few minutes), get your SSL certs, and enable the Cloudflare proxy again.
Otherwise, for other DNS, use nslookup <your_domain> and verify it's your IP.

@ThomasW2005

We encountered the same issue as described above. The root cause was that Let's Encrypt performs challenge requests from various global locations, and our geoblocking firewall rule was causing these requests to time out.

Since the IP addresses used by Let's Encrypt can change without notice, whitelisting specific addresses isn’t a viable solution. If your firewall allows path-based whitelisting (e.g., */.well-known/acme-challenge), that could resolve the issue, as noted here. Unfortunately, solutions like FortiGate only support this approach with some workarounds.

An alternative is to use a DNS-01 challenge, which involves setting a TXT record. However, for automated certificate renewal, you’d need to automate the DNS updates. If neither option works, you might need to temporarily disable geoblocking during certificate renewal.
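
A triage helper for the http-01 failures discussed in this thread, added here as an example and not code from the issue, certbot or Nginx Proxy Manager: it reads the ACME authorization object that certbot prints in its debug log and reports which address the CA contacted, whether that matches your public IP, and whether the connection was refused or timed out. The sample JSON, domain, IP address, token and function names are constructed for illustration.

```python
import json

# Constructed sample, shaped like the "invalid" authorization in the certbot
# debug log above; domain, token and address are placeholders.
SAMPLE_AUTHZ = json.loads("""
{
  "identifier": {"type": "dns", "value": "pic.example.com"},
  "status": "invalid",
  "challenges": [
    {"type": "http-01", "status": "invalid",
     "error": {"type": "urn:ietf:params:acme:error:connection",
               "detail": "203.0.113.10: Fetching http://pic.example.com/.well-known/acme-challenge/TOKEN: Connection refused",
               "status": 400},
     "validationRecord": [
       {"hostname": "pic.example.com", "port": "80",
        "addressesResolved": ["203.0.113.10"],
        "addressUsed": "203.0.113.10"}]},
    {"type": "dns-01", "status": "pending"}
  ]
}
""")


def classify(detail):
    """Map the CA's error detail to a coarse network-level cause."""
    text = detail.lower()
    if "connection refused" in text:
        # Something answered with a reset: no listener on that port, or the
        # router is not forwarding it to the proxy.
        return "refused"
    if "timeout" in text or "timed out" in text:
        # Packets were silently dropped, which is what a firewall or
        # geoblocking rule in front of the host produces.
        return "timeout"
    return "other"


def triage(authz, expected_ip):
    """Return one finding per failed challenge in an ACME authorization."""
    findings = []
    for chall in authz.get("challenges", []):
        error = chall.get("error")
        if chall.get("status") != "invalid" or not error:
            continue
        # The last validation record is the hop the CA actually connected to
        # (earlier records are redirects it followed).
        last = (chall.get("validationRecord") or [{}])[-1]
        findings.append({
            "domain": authz["identifier"]["value"],
            "challenge": chall["type"],
            "acme_error": error["type"].rsplit(":", 1)[-1],
            "address_used": last.get("addressUsed"),
            "port": last.get("port"),
            # False means DNS points somewhere else, e.g. at a CDN proxy
            # or a stale dynamic-DNS address.
            "dns_matches": last.get("addressUsed") == expected_ip,
            "cause": classify(error.get("detail", "")),
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_AUTHZ, expected_ip="203.0.113.10"):
        print(finding)
```

A `refused` result with `dns_matches` true points at the port-80 listener or port forward, while `timeout` points at filtering between the CA and the host.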
