Let's Encrypt - renew ??

Discussion in 'Installation/Configuration' started by MikySal78, Jan 10, 2020.

Tags:
  1. MikySal78

    MikySal78 Member

    New installation on Debian 10 (https://www.howtoforge.com/perfect-server-debian-10-buster-apache-bind-dovecot-ispconfig-3-1/).
    I receive this mail:
    Code:
    Hello,

Your certificate (or certificates) for the names listed below will expire in 20 days (on 21 Jan 20 00:06 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.

We recommend renewing certificates automatically when they have a third of their
total lifetime left. For Let's Encrypt's current 90-day certificates, that means
renewing 30 days before expiration. See
https://letsencrypt.org/docs/integration-guide/ for details.

mail.offerta.in
offerta.in
srv.offerta.in
www.offerta.in

For any questions or support, please visit https://community.letsencrypt.org/. Unfortunately, we can't provide support by email.

For details about when we send these emails, please visit https://letsencrypt.org/docs/expiration-emails/. In particular, note that this reminder email is still sent if you've obtained a slightly different certificate by adding or removing names. If you've replaced this certificate with a newer one that covers more or fewer names than the list above, you may be able to ignore this message.

If you are receiving this email in error, unsubscribe at http://mandrillapp.com/track/unsub.php?u=308501xxxxx

Regards,
The Let's Encrypt Team
    Cron... nano /etc/cron.d/certbot

    Code:
    SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q  renew
    how-to fix?
    Best regards,
    Michele
     
    MikySal78, Jan 10, 2020
    #1
  2. Steini86

    Steini86 Active Member

    a) Your certificates are not getting renewed, or
    b) After renew you have not restarted the corresponding services.

    For a), see logfile (probably /var/log/letsencrypt). For b), restart services
     
    Steini86, Jan 10, 2020
    #2
  3. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    ahrasis, Jan 10, 2020
    #3
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    This cron is not used for renewal, certs are renewed by ISPConfig. If this does not happen, see post #2.
     
    till, Jan 10, 2020
    #4
  5. MikySal78

    MikySal78 Member

    Log file:
    Code:
    2020-01-10 03:00:09,351:DEBUG:certbot.main:certbot version: 0.31.0
2020-01-10 03:00:09,352:DEBUG:certbot.main:Arguments: ['-n', '--post-hook', "echo '1' > /usr/local/ispconfig/server/le.rest
art"]
2020-01-10 03:00:09,352:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nul
l,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-01-10 03:00:09,356:DEBUG:certbot.log:Root logging level set at 20
2020-01-10 03:00:09,356:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-01-10 03:00:09,359:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f86e2561
6a0> and installer <certbot.cli._Default object at 0x7f86e25616a0>
2020-01-10 03:00:09,363:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,363:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,364:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,365:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,366:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,366:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,368:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,368:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,369:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,370:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,371:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,371:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,373:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,373:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,374:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,375:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,376:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,377:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,378:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,378:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,380:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:00:09,380:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:00:09,380:DEBUG:certbot.renewal:no renewal failures
2020-01-10 03:32:15,182:DEBUG:certbot.main:certbot version: 0.31.0
2020-01-10 03:32:15,182:DEBUG:certbot.main:Arguments: ['-q']
2020-01-10 03:32:15,182:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nul
l,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-01-10 03:32:15,186:DEBUG:certbot.log:Root logging level set at 30
2020-01-10 03:32:15,186:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-01-10 03:32:15,189:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f2593b53
2e8> and installer <certbot.cli._Default object at 0x7f2593b532e8>
2020-01-10 03:32:15,192:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,193:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,194:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,194:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,196:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,196:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,197:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,197:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,198:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,199:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,200:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,200:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,202:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,202:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,203:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,203:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,205:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,205:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,206:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,206:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,207:INFO:certbot.renewal:Cert not yet due for renewal
2020-01-10 03:32:15,208:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2020-01-10 03:32:15,208:DEBUG:certbot.renewal:no renewal failures
     
    MikySal78, Jan 10, 2020
    #5
  6. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Have you checked when the certificates for domains mentioned in that e-mail actually expire? The mail says they are not renewed, but maybe you have two accounts on Let's Encrypt and only one of them is running OK now and renews the certificates, the other account e-mails you renew fails.
     
    Taleman, Jan 10, 2020
    #6
    MikySal78 likes this.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    One thing that you can try for these certs is to untick the let's encrypt checkbox in the website settings, press save, enable it again and save.
     
    till, Jan 10, 2020
    #7
  8. MikySal78

    MikySal78 Member

    When I installed the system I chose [email protected] as an email.
    But some certbot emails arrive on listadmin (mailinglist)
    After I saw I gave the command:
    Code:
    certbot update_account --email [email protected]
certbot -m [email protected]
    did I do something wrong?
    Thanks.
     
    MikySal78, Jan 10, 2020
    #8

Share This Page