Hello,
I realised that I was receiving a lot of mails from let's encrypt telling me that my certs will expire soon
I tried to renew by hand certs but always drop error.
I went to the docker and did a
cat /var/log/letsencrypt/letsencrypt.log
here is the result
bash-5.1# cat /var/log/letsencrypt/letsencrypt.log
2023-01-19 23:50:51,060:DEBUG:certbot._internal.main:certbot version: 1.27.0
2023-01-19 23:50:51,061:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-01-19 23:50:51,061:DEBUG:certbot._internal.main:Arguments: ['--force-renewal', '--config', '/etc/letsencrypt.ini', '--cert-name', 'npm-34', '--preferred-challenges', 'dns,http', '--no-random-sleep-on-renew', '--disable-hook-validation']
2023-01-19 23:50:51,061:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-01-19 23:50:53,479:DEBUG:certbot._internal.log:Root logging level set at 30
2023-01-19 23:50:53,486:DEBUG:certbot._internal.display.obj:Notifying user: Processing /etc/letsencrypt/renewal/npm-34.conf
2023-01-19 23:50:53,535:DEBUG:certbot._internal.plugins.selection:Requested authenticator <certbot._internal.cli.cli_utils._Default object at 0x14f7eca8d2b0> and installer <certbot._internal.cli.cli_utils._Default object at 0x14f7eca8d2b0>
2023-01-19 23:50:53,536:DEBUG:certbot._internal.cli:Var pref_challs=dns,http (set by user).
2023-01-19 23:50:53,536:DEBUG:certbot._internal.cli:Var preferred_chain=ISRG Root X1 (set by user).
2023-01-19 23:50:53,537:DEBUG:certbot._internal.cli:Var key_type=ecdsa (set by user).
2023-01-19 23:50:53,537:DEBUG:certbot._internal.cli:Var elliptic_curve=secp384r1 (set by user).
2023-01-19 23:50:53,537:DEBUG:certbot._internal.cli:Var webroot_path=/data/letsencrypt-acme-challenge (set by user).
2023-01-19 23:50:53,538:DEBUG:certbot._internal.cli:Var webroot_map={'webroot_path'} (set by user).
2023-01-19 23:50:53,538:DEBUG:certbot._internal.cli:Var webroot_path=/data/letsencrypt-acme-challenge (set by user).
2023-01-19 23:50:53,591:DEBUG:certbot._internal.renewal:Auto-renewal forced with --force-renewal...
2023-01-19 23:50:53,592:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2023-01-19 23:50:53,598:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x14f7eca90550>
Prep: True
2023-01-19 23:50:53,598:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x14f7eca90550> and installer None
2023-01-19 23:50:53,599:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2023-01-19 23:50:53,687:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/97301992', new_authzr_uri=None, terms_of_service=None), cfcc4e62d5104fbc422964fd3c9de12a, Meta(creation_dt=datetime.datetime(2020, 9, 22, 10, 45, 47, tzinfo=<UTC>), creation_host='d7b18c68d420', register_to_eff=None))>
2023-01-19 23:50:53,688:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-01-19 23:50:53,691:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-01-19 23:50:54,114:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 659
2023-01-19 23:50:54,115:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:50:54 GMT
Content-Type: application/json
Content-Length: 659
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"boArPOo5uHk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-01-19 23:50:54,122:DEBUG:certbot._internal.display.obj:Notifying user: Renewing an existing certificate for my.host.net
2023-01-19 23:50:54,139:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0012_key-certbot.pem
2023-01-19 23:50:54,154:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0012_csr-certbot.pem
2023-01-19 23:50:54,157:DEBUG:acme.client:Requesting fresh nonce
2023-01-19 23:50:54,158:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-01-19 23:50:54,297:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-01-19 23:50:54,298:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:50:54 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FEP8xRxBLXGeoZcrMyqcXyJ97lU3iykrCixkfZmERLRis
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2023-01-19 23:50:54,299:DEBUG:acme.client:Storing nonce: A5FEP8xRxBLXGeoZcrMyqcXyJ97lU3iykrCixkfZmERLRis
2023-01-19 23:50:54,300:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "my.host.net"\n }\n ]\n}'
2023-01-19 23:50:54,303:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTczMDE5OTIiLCAibm9uY2UiOiAiQTVGRVA4eFJ4QkxYR2VvWmNyTXlxY1h5Sjk3bFUzaXlrckNpeGtmWm1FUkxSaXMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "X4IY07LzjQuIUpVM0QOK1AfzsIB1esBkk-L7Tialv83xcPBtpt-ODqg0V1w_5TknGkD3r0N33-hWkwtJpDycKIvJKyKYxYOIUknapdtjrasrhrzSbDTDS5e7gToAL1c8TXCWc8YBLNApbO6RGRj_5Xtjup0fRhak-rzgra_UMwBitgAl925Drv84_nsDHkISyKLPbVuudhchxlLRfZjOJSlZlub-Tc3Q5sVW1g7bYXPfuSgq_nhfiYizXJpvYKEXta46sLUvLCqBSQhkUnp7Zq7HbkGcCA2SmJy7sd43AL--v-1ZuerNV-BBqeEyEIkLJ2S7XtYJhswV9OkoV3Jvrg",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndhcmRlbi5rYXRlY2gubmV0IgogICAgfQogIF0KfQ"
}
2023-01-19 23:50:54,470:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 341
2023-01-19 23:50:54,472:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 19 Jan 2023 22:50:54 GMT
Content-Type: application/json
Content-Length: 341
Connection: keep-alive
Boulder-Requester: 97301992
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/97301992/159840323717
Replay-Nonce: F977HPI57IUFtlwRbfGvbTnYXQdms-tHB2gnl12OoCk5QTQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2023-01-26T22:50:54Z",
"identifiers": [
{
"type": "dns",
"value": "my.host.net"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/196614878867"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/97301992/159840323717"
}
2023-01-19 23:50:54,473:DEBUG:acme.client:Storing nonce: F977HPI57IUFtlwRbfGvbTnYXQdms-tHB2gnl12OoCk5QTQ
2023-01-19 23:50:54,474:DEBUG:acme.client:JWS payload:
b''
2023-01-19 23:50:54,476:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/196614878867:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTczMDE5OTIiLCAibm9uY2UiOiAiRjk3N0hQSTU3SVVGdGx3UmJmR3ZiVG5ZWFFkbXMtdEhCMmdubDEyT29DazVRVFEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE5NjYxNDg3ODg2NyJ9",
"signature": "ooBLjfQWDfiIPvWriQYD8GmIbSOdjVepF4gV4B-7WRbX68QmJxbXQXkxmGC29x-iUVP4tjGWD6brC0iRfcUx-9XXVr6JhzMRBgz8enpktp7qLifqcv17RvEW888jZu-iLZzOkzJxfWSB1MLvocVHMOkao1Z0OFIeD4xwyzFpma350cNQJcdXJ7MjJia9_pGw3bzDuNBmPMMkBueDdcsmbVFS60jRDhi16kRrO4SNnztZJcqLnRQ4aL6gVsELUgAa_0hc6Rh8VBeGG9fEDxFMXzqL3CeBNBmUcuKqp8EBTiR24tEtDrnEH_okKFYdLd66oWswNH5kD6Y15-Ue-XSuww",
"payload": ""
}
2023-01-19 23:50:54,616:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/196614878867 HTTP/1.1" 200 801
2023-01-19 23:50:54,618:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:50:54 GMT
Content-Type: application/json
Content-Length: 801
Connection: keep-alive
Boulder-Requester: 97301992
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712xvvXnb89hEu_3KQkLnwayymR4NdT41ErGqNt0Nax1zw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "my.host.net"
},
"status": "pending",
"expires": "2023-01-26T22:50:54Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/3Zv8ng",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/FAj-Ug",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
}
]
}
2023-01-19 23:50:54,619:DEBUG:acme.client:Storing nonce: 2712xvvXnb89hEu_3KQkLnwayymR4NdT41ErGqNt0Nax1zw
2023-01-19 23:50:54,620:INFO:certbot._internal.auth_handler:Performing the following challenges:
2023-01-19 23:50:54,620:INFO:certbot._internal.auth_handler:http-01 challenge for my.host.net
2023-01-19 23:50:54,621:INFO:certbot._internal.plugins.webroot:Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
2023-01-19 23:50:54,621:DEBUG:certbot._internal.plugins.webroot:Creating root challenges validation dir at /data/letsencrypt-acme-challenge/.well-known/acme-challenge
2023-01-19 23:50:54,625:DEBUG:certbot._internal.plugins.webroot:Attempting to save validation to /data/letsencrypt-acme-challenge/.well-known/acme-challenge/nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM
2023-01-19 23:50:54,627:DEBUG:acme.client:JWS payload:
b'{}'
2023-01-19 23:50:54,630:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTczMDE5OTIiLCAibm9uY2UiOiAiMjcxMnh2dlhuYjg5aEV1XzNLUWtMbndheXltUjROZFQ0MUVyR3FOdDBOYXgxenciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzE5NjYxNDg3ODg2Ny82bnpLNWcifQ",
"signature": "B0A_PFhBve87B25kqbM6qAi4g4KYQItqqyz4Yy8qkTNIbw6hu_GLbi0NUXJ77a6RmN5zWdn0ZgGuZQfPw37L964AH98tsj8fnoVraVyLe-yPumFJGD1KRtzVZaP7ebNoxyMyGMmBV_lKkgqy9m4T8I8JnCNLk-L1GUrrEItG2dGcItkErUGNd6upNpL1sfcoIgxHZ13TJdR_4TvVAQl8ZBjL0i2juoj-K7jXbqUuCS3tw847IOQwC0K7aJuBsLxtuKLTHuaMyPfxXayEz3Gv4563j62CG0Bp4O_tLx5Zcwmx2SLDbrQRoKQfj-ZPMIoTpJVbRnBx089NliiyIf9BAQ",
"payload": "e30"
}
2023-01-19 23:50:54,773:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/196614878867/6nzK5g HTTP/1.1" 200 187
2023-01-19 23:50:54,775:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:50:54 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 97301992
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/196614878867>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g
Replay-Nonce: 2712nqlnrMugVmbfIqNn3d78lo-cSnYtLCXoia9Aw-9H2YI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
}
2023-01-19 23:50:54,776:DEBUG:acme.client:Storing nonce: 2712nqlnrMugVmbfIqNn3d78lo-cSnYtLCXoia9Aw-9H2YI
2023-01-19 23:50:54,777:INFO:certbot._internal.auth_handler:Waiting for verification...
2023-01-19 23:50:55,779:DEBUG:acme.client:JWS payload:
b''
2023-01-19 23:50:55,785:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/196614878867:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTczMDE5OTIiLCAibm9uY2UiOiAiMjcxMm5xbG5yTXVnVm1iZklxTm4zZDc4bG8tY1NuWXRMQ1hvaWE5QXctOUgyWUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE5NjYxNDg3ODg2NyJ9",
"signature": "tK_yi34Mh-SC2SMo5tLNVxaDhU-YzVkcEu4BI5IoymklmicPlJKJDhoKEGBE0xg6Tspm90m9V9m3MND4_ZzCZ8FRqpsr98YV8Onhv7U2KgKlvbFutXlgLUSeoJnRkD-FW86o0_FUWhGVHpV4S4y802rg-gLRUm21g9UDft5P_nGNA1Q5Q4fA9hQ8J8hJPMe2xeNRW3-_xfrV0xB_dL3-nejryztQ4qvQoxtvSjp_DK4yku2p8LFiultRArLD4d9aHvb1yas2BMSNcN2XbD7Sxw0F4Il4ZedinmC2w3GPcZ_cTDVDEubsTiQGqrWUzmEsKNdDR139CJq-eqQouSRCug",
"payload": ""
}
2023-01-19 23:50:55,927:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/196614878867 HTTP/1.1" 200 801
2023-01-19 23:50:55,928:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:50:55 GMT
Content-Type: application/json
Content-Length: 801
Connection: keep-alive
Boulder-Requester: 97301992
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FEHwx4ntAtDM7GO4PgIo8cYi4WG7eUE-qW6by68iyjTYI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "my.host.net"
},
"status": "pending",
"expires": "2023-01-26T22:50:54Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/3Zv8ng",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/FAj-Ug",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
}
]
}
2023-01-19 23:50:55,929:DEBUG:acme.client:Storing nonce: A5FEHwx4ntAtDM7GO4PgIo8cYi4WG7eUE-qW6by68iyjTYI
2023-01-19 23:50:58,933:DEBUG:acme.client:JWS payload:
b''
2023-01-19 23:50:58,939:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/196614878867:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTczMDE5OTIiLCAibm9uY2UiOiAiQTVGRUh3eDRudEF0RE03R080UGdJbzhjWWk0V0c3ZVVFLXFXNmJ5NjhpeWpUWUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE5NjYxNDg3ODg2NyJ9",
"signature": "S5EeflLmuk3kTOo7KcYg0Qk3DdwFAvMfyXlELoYpUD2vfTtaagBTZgsFR7DSWX8BoMJEEblDE8bIZ1gcpojinPBHytucmwUyKhiT8U5gAEOdXOxpdwz8ub-MS_wACxRypzaWTrAKuWQek0rrSqfnR8VLSJ_84s9XKHQtJlFYWpoLJXE6oZMzo2_r3p8N9AaMVFctO7QJIUoaO-AC_r50okCib0G0oMnrFLOVAez7wQwX03jTMpvQreUNzxvVtqsUDgFmXSr0zrLMXp-Nrvo8G0f0IpURNfZxkudPvVyDx3LuAgeEznUOFAUuMf5Gd4kZ_QKy2K2XqUBu9tKFtjRs4A",
"payload": ""
}
2023-01-19 23:50:59,085:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/196614878867 HTTP/1.1" 200 801
2023-01-19 23:50:59,087:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:50:59 GMT
Content-Type: application/json
Content-Length: 801
Connection: keep-alive
Boulder-Requester: 97301992
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F977CIdBnXkLMhLauFWsWee65g0Sjt4qKopEjh0u8pzaD9Q
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "my.host.net"
},
"status": "pending",
"expires": "2023-01-26T22:50:54Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/3Zv8ng",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/FAj-Ug",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
}
]
}
2023-01-19 23:50:59,088:DEBUG:acme.client:Storing nonce: F977CIdBnXkLMhLauFWsWee65g0Sjt4qKopEjh0u8pzaD9Q
2023-01-19 23:51:02,092:DEBUG:acme.client:JWS payload:
b''
2023-01-19 23:51:02,098:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/196614878867:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTczMDE5OTIiLCAibm9uY2UiOiAiRjk3N0NJZEJuWGtMTWhMYXVGV3NXZWU2NWcwU2p0NHFLb3BFamgwdThwemFEOVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE5NjYxNDg3ODg2NyJ9",
"signature": "bAr3IyaJxFcCVomRVISLdP9qKl0l6dpo6m_nunEkQB87anchXHeeemP3_8mjJjJvQFybNxBr1khw9yg4nllbK6QduhQ6MjV5qMjrErpghLrL33a8SQJOzBHIKYNWlBYoBKk32sYmEmIfka2dAV9cWJsIUHcBXH4d8o7n_PONUMQT-OKXm3hWvXC_z0ZEE8mw7DQdloLRPnkrFJctcjs0XSj4PfbH7Ix_iiaj6FVbZPJyCVt0saoj6PybWCNpF6vCm6Soy8UV4_jbyrg3jC0VfLBffrgDI00C0CJrmlAXT6zMGlsfVenjfJewKC_QxFEsMcg3iwymvSb1T9Zk7SDGXg",
"payload": ""
}
2023-01-19 23:51:02,241:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/196614878867 HTTP/1.1" 200 801
2023-01-19 23:51:02,243:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:51:02 GMT
Content-Type: application/json
Content-Length: 801
Connection: keep-alive
Boulder-Requester: 97301992
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F977CJnaLdGU1Od_M-vbdzDKAVk6cC1R7CitnreW-MMcpnc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "my.host.net"
},
"status": "pending",
"expires": "2023-01-26T22:50:54Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/3Zv8ng",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/FAj-Ug",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM"
}
]
}
2023-01-19 23:51:02,243:DEBUG:acme.client:Storing nonce: F977CJnaLdGU1Od_M-vbdzDKAVk6cC1R7CitnreW-MMcpnc
2023-01-19 23:51:05,246:DEBUG:acme.client:JWS payload:
b''
2023-01-19 23:51:05,251:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/196614878867:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTczMDE5OTIiLCAibm9uY2UiOiAiRjk3N0NKbmFMZEdVMU9kX00tdmJkekRLQVZrNmNDMVI3Q2l0bnJlVy1NTWNwbmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE5NjYxNDg3ODg2NyJ9",
"signature": "gChvCJzV5hxNCNFp4Q6yBcnVu5YPfIOb5hXWPhWrLX8x7hGZqMPTWm2FwXarzHv1G4adgn_Q3aUEh24pE73KCVB522bE3TNiWEQ-BTEXcCfyzMxPrMFO5wuX8iTwsqP5wTLeixCuOdEynSxNJGglBOfeJf_JNVwaIV_3nJM8Kc67XlGiF27aA05I5q46888i-iLqesqhH3NIgQA7NYSpBsmZPikLDyFgB8kXRJmrxTjy7LU-XsK1SC2dLyP3BXjGNkzRT-Ek2VxTu4cf6E29NqE2xdyZPgp1uiHEvKSdauv7peDs4Qbt4htRfKpII53dQemDhS0oympwzd7as20HDA",
"payload": ""
}
2023-01-19 23:51:05,391:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/196614878867 HTTP/1.1" 200 1060
2023-01-19 23:51:05,392:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 19 Jan 2023 22:51:05 GMT
Content-Type: application/json
Content-Length: 1060
Connection: keep-alive
Boulder-Requester: 97301992
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 853F3k_3x_syoNGSuO0mWbO2DW7GxhxyiT0ABFzfTUKg5n0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "my.host.net"
},
"status": "invalid",
"expires": "2023-01-26T22:50:54Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "89.95.42.66: Fetching http://my.host.net/.well-known/acme-challenge/nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/196614878867/6nzK5g",
"token": "nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM",
"validationRecord": [
{
"url": "http://my.host.net/.well-known/acme-challenge/nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM",
"hostname": "my.host.net",
"port": "80",
"addressesResolved": [
"89.95.42.66"
],
"addressUsed": "89.95.42.66"
}
],
"validated": "2023-01-19T22:50:54Z"
}
]
}
2023-01-19 23:51:05,393:DEBUG:acme.client:Storing nonce: 853F3k_3x_syoNGSuO0mWbO2DW7GxhxyiT0ABFzfTUKg5n0
2023-01-19 23:51:05,394:INFO:certbot._internal.auth_handler:Challenge failed for domain my.host.net
2023-01-19 23:51:05,395:INFO:certbot._internal.auth_handler:http-01 challenge for my.host.net
2023-01-19 23:51:05,395:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: my.host.net
Type: connection
Detail: 89.95.42.66: Fetching http://my.host.net/.well-known/acme-challenge/nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
2023-01-19 23:51:05,396:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-01-19 23:51:05,396:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-01-19 23:51:05,397:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-01-19 23:51:05,397:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/nB9BxlKyyRe91XjvTdn78jGOPM5sY2n8vHXz8WeC2XM
2023-01-19 23:51:05,398:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2023-01-19 23:51:05,399:ERROR:certbot._internal.renewal:Failed to renew certificate npm-34 with error: Some challenges have failed.
2023-01-19 23:51:05,402:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3.9/site-packages/certbot/_internal/renewal.py", line 484, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1541, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 129, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3.9/site-packages/certbot/_internal/renewal.py", line 344, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 441, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 493, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-01-19 23:51:05,404:DEBUG:certbot._internal.display.obj:Notifying user:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2023-01-19 23:51:05,405:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed:
2023-01-19 23:51:05,405:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/npm-34/fullchain.pem (failure)
2023-01-19 23:51:05,405:DEBUG:certbot._internal.display.obj:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2023-01-19 23:51:05,406:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 8, in <module>
sys.exit(main())
File "/usr/lib/python3.9/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1744, in main
return config.func(config, plugins)
File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1630, in renew
renewal.handle_renewal_request(config)
File "/usr/lib/python3.9/site-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request
raise errors.Error(
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2023-01-19 23:51:05,406:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s)
bash-5.1# date
Thu Jan 19 23:55:35 CET 2023
I don't know what to do ? It used to work well