Since a few days I'm having trouble renewing my letsencrypt.org certificate for my web server.
The documentation of letsencrypt tools might be good or bad - that's impossible to say because there's certbot
, letsencrypt
, certbot-auto
, letsencrypt-auto
, /etc/certbot
which can be installed or run from the source directory or a inexisting and various subcommands which all somehow claim to do the job and then all fail with incomprehensive output with such nice variation of the ever turning wheel of nonsense feedback as:
Use of --agree-dev-preview is deprecated. Saving debug log to /var/log/letsencrypt/letsencrypt.log
in the HEAD of the master branch of https://github.com/letsencrypt/letsencrypt - are you shipping scripts that don't work?Failed authorization procedure. [hostname] (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://[hostname]/.well-known/acme-challenge/JwhGtVHZ7x6pfBztDgYL-IRQXfa1JLwhAn84Hrzi_xo: Error getting validation data
- no comment neededThe official guide at https://certbot.eff.org/#ubuntutzesty-apache for Ubuntu 17.04 and Apache2 fails due to
Use of --agree-dev-preview is deprecated. Use of --agree-dev-preview is deprecated. Too many flags setting configurators/installers/authenticators 'webroot' -> 'apache'
which leaves me clueless of whether there's any sense in pursuing this
https://community.letsencrypt.org/t/renew-all-certificate-using-cron/21162/6 tries to explain that, but fails as anything that's no in SE format. The information is outdated and everything that's said is contradicated.
The documentation like man letsencrypt
is hardly usable, at least not if you want to understand what you're doing - not mandatory, but very helpful in computer administration - it says e.g. By default, it will attempt to use a webserver both for obtaining and installing the cert
- not really sure how a web server is supposed to do the steps involved...
I'm using Ubuntu 17.04.
certbot
(from the PPA) should be enough; just callcertbot renew
. You should show what specific command you were trying to run and what the error message you got was. Why is “no comment needed” with regard to the second error you show? Isn't that worth investigating? Have you looked at related threads? And you say that you're having trouble renewing since a few days … has this worked before? What do you think has changed?