Let's Encrypt won't renew with offline page


(Felix Freiberger) #21

Okay, according to the log, you were quite behind on updates, but nothing for letsencrypt. How did you install letsencrypt? Try removing it and installing it via apt-get (which is possible in Ubuntu 16.04).


(EW 👌) #22

I did the update and upgrade commands but still the same error when I tried to renew. (as per log I did sent in PM)

My Letsencrypt has been installed following DO article:
https://cloud.digitalocean.com/support/suggestions?article=how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04&i=e58226&page=0&query=letsencrypt%20

Then I discovered your offline page setup and I did adapted the setting to my site.

But after all that I’d upgraded Ubuntu to 16.04 (I don’t know if its relevant)


(EW 👌) #23

I did:

apt-get remove letsencrypt

then:

apt-get install letsencrypt

But same error when renew!


(Felix Freiberger) #24

Removing via apt-get won’t work as you installed manually.

I don’t understand why you can run letsencrypt without going to /opt/letsencrypt, but… try running letsencrypt-auto instead of letsencrypt, which should update automatically?


(EW 👌) #25

letsencrypt-auto giving

letsencrypt-auto: command not found


(Felix Freiberger) #26

Okay, in that case, I don’t understand how you installed letsencrypt. Either way, you need to get a recent version of letsencrypt running.

What does which letsencrypt say?


(EW 👌) #27
root@community:/opt/letsencrypt# which letsencrypt
/usr/bin/letsencrypt

(Felix Freiberger) #28

Hm, looks like letsencrypt was installed by apt-get after all.

This may explain the error:

Looks like Ubuntu currently delivers 0.4.1, and you’ve run a newer version of letsencrypt before. Do you have a folder /opt/letsencrypt?


(EW 👌) #29

I’m going to check.

And yes I’m already running the commands from that folder as above.


(Felix Freiberger) #30

In that case, switch to that folder, and run letsencrypt-auto from there.


(EW 👌) #31
root@community:/opt/letsencrypt# ls -l
total 220
drwxr-xr-x 5 root root  4096 Jan 10 10:06 acme
drwxr-xr-x 5 root root  4096 Jan 10 10:06 certbot
drwxr-xr-x 4 root root  4096 Jan 10 10:06 certbot-apache
-rwxr-xr-x 1 root root 44442 Jan 10 10:06 certbot-auto
drwxr-xr-x 5 root root  4096 Jan 10 10:06 certbot-compatibility-test
drwxr-xr-x 5 root root  4096 Jan 10 10:06 certbot-nginx
-rw-r--r-- 1 root root   276 Jan 10 10:06 CHANGES.rst
-rw-r--r-- 1 root root  1402 Jan 10 10:06 CONTRIBUTING.md
-rw-r--r-- 1 root root   267 Jan 10 10:06 docker-compose.yml
-rw-r--r-- 1 root root  2771 Jan 10 10:06 Dockerfile
-rw-r--r-- 1 root root  2868 Jan 10 10:06 Dockerfile-dev
drwxr-xr-x 5 root root  4096 Jan 10 10:06 docs
drwxr-xr-x 3 root root  4096 Jan 10 10:06 examples
-rwxr-xr-x 1 root root 44442 Jan 10 10:06 letsencrypt-auto
drwxr-xr-x 4 root root  4096 Jan 10 10:06 letsencrypt-auto-source
drwxr-xr-x 4 root root  4096 Jan 10 10:06 letshelp-certbot
-rw-r--r-- 1 root root 11456 Jan 10 10:06 LICENSE.txt
-rw-r--r-- 1 root root   813 Jan 10 10:06 linter_plugin.py
-rw-r--r-- 1 root root   205 Jan 10 10:06 MANIFEST.in
-rwxr-xr-x 1 root root    62 Jan 10 10:06 pep8.travis.sh
-rw-r--r-- 1 root root  8403 Jan 10 10:06 README.rst
-rw-r--r-- 1 root root   494 Jan 10 10:06 readthedocs.org.requirements.txt
-rw-r--r-- 1 root root   139 Jan 10 10:06 setup.cfg
-rw-r--r-- 1 root root  4256 Jan 10 10:06 setup.py
drwxr-xr-x 4 root root  4096 Jan 10 10:06 tests
drwxr-xr-x 2 root root  4096 Jan 10 10:06 tools
-rwxr-xr-x 1 root root  1316 Jan 10 10:06 tox.cover.sh
-rw-r--r-- 1 root root  5861 Jan 10 10:06 tox.ini
-rw-r--r-- 1 root root  2038 Jan 10 10:06 Vagrantfile
root@community:/opt/letsencrypt# letsencrypt-auto
letsencrypt-auto: command not found
root@community:/opt/letsencrypt#

(Felix Freiberger) #32

Prepend ./ since you’re running a file in the current directory:

./letsencrypt-auto <your usual arguments>

(EW 👌) #33

:blush:

root@community:/opt/letsencrypt# ./letsencrypt-auto


                         lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk
                         x Saving debug log to /var/log/letsencrypt/letsencrypt.log             x

                         x                                                                      x
                         x                                                                      x
                         mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj

                         lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk
                         x Saving debug log to /var/log/letsencrypt/letsencrypt.log             x
                         x Failed to find apache2ctl in PATH:                                   x
                         x /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/ga x
                         x mes:/usr/local/games                                                 x
                         x                                                                      x
                         x                                                                      x
                         mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj

Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a
 certificate for you. Please run "letsencrypt-auto certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.

Update : (Happy End! :smile:)
Then I run ./letsencrypt-auto certonly

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/community.example.com/fullchain.pem. Your
   cert will expire on 2017-04-10. To obtain a new or tweaked version
   of this certificate in the future, simply run letsencrypt-auto
   again. To non-interactively renew *all* of your certificates, run
   "letsencrypt-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

root@community:/opt/letsencrypt#

Now the site is SSL again but at the offline page!


(Felix Freiberger) #34

Add the usual arguments, either renew or the full certonly thingy :wink:


(EW 👌) #35

I did restarted my droplet and everything working just fine :slight_smile:

Dear Felix, Many thanks for your help and patience. I do appreciate all your support and kindness :tada:


(Felix Freiberger) #36

Yes, your cert is new and fresh :thumbsup: