Hi everyone, hope you all are ok and someone can help me with the problem i have. I had a Gitlab server that i install using the "How to Install Gitlab on Debian 8 (Jessie)" , everything works fine till the moment my certificate expired, for some reason there's an error when the crtificate is trying to get renewed. As a comment i'm running it on debian 10. when i run the command "gitlab-ctl reconfigure" i get the following error: Code: letsencrypt_certificate[gitxxx.mydomain.com] (letsencrypt::http_authorization line 5) had an error: RuntimeError: acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 25) had an error: RuntimeError: ruby_block[create certificate for gitxxx.mydomain.com] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/acme/resources/certificate.rb line 108) had an error: RuntimeError: [gitxxx.mydomain.com] Validation failed, unable to request certificate If i check the log for the automated task for the renewal i see this: Code: # Logfile created on 2021-04-11 04:30:03 -0500 by logger.rb/v1.4.2 [2021-04-11T04:30:03-05:00] INFO: Started Chef Infra Zero at chefzero://localhost:1 with repository at /opt/gitlab/embedded One version per cookbook [2021-04-11T04:30:03-05:00] INFO: *** Chef Infra Client 15.14.0 *** [2021-04-11T04:30:03-05:00] INFO: Platform: x86_64-linux [2021-04-11T04:30:03-05:00] INFO: Chef-client pid: 9315 [2021-04-11T04:30:05-05:00] INFO: Setting the run_list to ["recipe[gitlab::letsencrypt_renew]"] from CLI options [2021-04-11T04:30:05-05:00] INFO: Run List is [recipe[gitlab::letsencrypt_renew]] [2021-04-11T04:30:05-05:00] INFO: Run List expands to [gitlab::letsencrypt_renew] [2021-04-11T04:30:05-05:00] INFO: Starting Chef Infra Client Run for gitkachi.kachimushi.com [2021-04-11T04:30:05-05:00] INFO: Running start handlers [2021-04-11T04:30:05-05:00] INFO: Start handlers complete. [2021-04-11T04:30:06-05:00] INFO: Loading cookbooks [[email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], mat$ [2021-04-11T04:30:10-05:00] INFO: file[/var/opt/gitlab/nginx/www/.well-known/acme-challenge/b6nDNEfGAnrdV-Rk6OM13pmI_UESLh4Set_kfu_5EvM] created file /var/opt/gitlab/n$ [2021-04-11T04:30:10-05:00] INFO: file[/var/opt/gitlab/nginx/www/.well-known/acme-challenge/b6nDNEfGAnrdV-Rk6OM13pmI_UESLh4Set_kfu_5EvM] updated file contents /var/opt$ [2021-04-11T04:30:10-05:00] INFO: file[/var/opt/gitlab/nginx/www/.well-known/acme-challenge/b6nDNEfGAnrdV-Rk6OM13pmI_UESLh4Set_kfu_5EvM] owner changed to 0 [2021-04-11T04:30:10-05:00] INFO: file[/var/opt/gitlab/nginx/www/.well-known/acme-challenge/b6nDNEfGAnrdV-Rk6OM13pmI_UESLh4Set_kfu_5EvM] group changed to 0 [2021-04-11T04:30:10-05:00] INFO: file[/var/opt/gitlab/nginx/www/.well-known/acme-challenge/b6nDNEfGAnrdV-Rk6OM13pmI_UESLh4Set_kfu_5EvM] mode changed to 644 [2021-04-11T04:30:31-05:00] INFO: file[/var/opt/gitlab/nginx/www/.well-known/acme-challenge/b6nDNEfGAnrdV-Rk6OM13pmI_UESLh4Set_kfu_5EvM] deleted file at /var/opt/gitla$ [2021-04-11T04:30:31-05:00] INFO: Running queued delayed notifications before re-raising exception [2021-04-11T04:30:31-05:00] INFO: Running queued delayed notifications before re-raising exception [2021-04-11T04:30:31-05:00] INFO: Running queued delayed notifications before re-raising exception [2021-04-11T04:30:31-05:00] ERROR: Running exception handlers [2021-04-11T04:30:31-05:00] ERROR: Exception handlers complete [2021-04-11T04:30:31-05:00] FATAL: Stacktrace dumped to /opt/gitlab/embedded/cookbooks/cache/chef-stacktrace.out [2021-04-11T04:30:31-05:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report [2021-04-11T04:30:31-05:00] FATAL: RuntimeError: letsencrypt_certificate[gitxxx.mydomain.com] (letsencrypt::http_authorization line 5) had an error: RuntimeError: $ i've been trying to solve the error but i haven't been very lucky, so i will appreciate any lead.
Try to update your LE client, whatever LE client that you are currently using; and make sure you are using its version 2 and not 1 for your LE account. Delete the current certs if it is using the old version 1 and request for new certs instead of renewing them.