I’m trying to renewal my SSL certificate on my sit, when I run:
I get “No renewals were attempted” and when I run certbot certificates, I get “no certs found”.
I can see files in the /etc/letsencrypt for the site.com and www.site.com/
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
As this turned out to be a long discussion, I will summarize it so that it is easier for anyone else who comes across this to find the solution:
The problem affected the Ghose droplets created from the DigitalOcean Marketplace
The problem was an outdated acme.sh script. The error that we were getting was:
Could not get nonce, let's try again.
sudo /etc/letsencrypt/acme.sh --upgrade -b dev
/root/.acme.sh/acme.sh --force --renew --home /etc/letsencrypt --domain yourdomain.com --webroot /var/www/ghost/system/nginx-root --reloadcmd "nginx -s reload" --accountemail email@example.com
Find the acme.sh cronjob and change the path accordingly.
Hope that this helps anyone who comes across the same issue!
I could suggest a couple of things here:
Check the /etc/letsencrypt/renewal log
Try running the command with -v for more information, and then check the log again
Try running certbot renew --dry-run and check the output
certbot renew --dry-run
Share your Nginx/Apache Vhost here so that I could advise you further
Thank you @bobbyiliev, you deserve a good Christmas bonus this year!
I needed to make sure I had renewed by www cert and then it showed. Fingers crossed it will auto renew aswell
yes that solved it! whoever you are, you are a hero, thanks for helping with this! Do you have any idea if the cert will now auto renew going forward?
no luck. i get this in response:
root@reframe-digital:~# sudo /etc/letsencrypt/acme.sh --upgrade -b dev
[Tue Nov 5 19:42:32 UTC 2019] Installing from online archive.
[Tue Nov 5 19:42:32 UTC 2019] Downloading https://github.com/Neilpang/acme.sh/archive/dev.tar.gz
[Tue Nov 5 19:42:33 UTC 2019] Extracting dev.tar.gz
[Tue Nov 5 19:42:33 UTC 2019] It is recommended to install socat first.
[Tue Nov 5 19:42:33 UTC 2019] We use socat for standalone server if you use standalone mode.
[Tue Nov 5 19:42:33 UTC 2019] If you don't use standalone mode, just ignore this warning.
[Tue Nov 5 19:42:33 UTC 2019] Installing to /root/.acme.sh
[Tue Nov 5 19:42:33 UTC 2019] Installed to /root/.acme.sh/acme.sh
[Tue Nov 5 19:42:33 UTC 2019] Good, bash is found, so change the shebang to use bash as preferred.
[Tue Nov 5 19:42:34 UTC 2019] OK
[Tue Nov 5 19:42:34 UTC 2019] Install success!
[Tue Nov 5 19:42:34 UTC 2019] Upgrade success!
but the “Could not get nonce, let’s try again.” remains
i have that cron job (although it starts with a 52 not 51). When i run the other command i get the following:
root@reframe-digital:~# sudo /etc/letsencrypt/acme.sh --force --renew --home /etc/letsencrypt --domain shared-digital.eu --webroot /var/www/ghost/system/nginx-root --reloadcmd "nginx -s reload" --accountemail firstname.lastname@example.org
[Tue Nov 5 13:09:49 UTC 2019] Renew: 'shared-digital.eu'
[Tue Nov 5 13:09:50 UTC 2019] Single domain='shared-digital.eu'
[Tue Nov 5 13:09:50 UTC 2019] Getting domain auth token for each domain
[Tue Nov 5 13:09:50 UTC 2019] Getting webroot for domain='shared-digital.eu'
[Tue Nov 5 13:09:50 UTC 2019] Getting new-authz for domain='shared-digital.eu'
[Tue Nov 5 13:09:50 UTC 2019] Could not get nonce, let's try again.
[Tue Nov 5 13:09:54 UTC 2019] Could not get nonce, let's try again.
this continues until i terminate the process
Hello Bobby, in total i have 5 configs in that folder.
www.yourdomain.conf and yourdomain.com.conf are the same
but yourdomain-ssl.conf and yourdomain.com-sll.conf differ with the top added
listen 443 ssl http2;
listen [::]:443 ssl http2;
sudo certbot --nginx -d example.com -d www.example.com
When I run the above command, i get the following message:
The requested nginx plugin does not appear to be installed
Join 1M+ other developers and: