By Graeme
I’m trying to renewal my SSL certificate on my sit, when I run:
certbot renew
I get “No renewals were attempted” and when I run certbot certificates, I get “no certs found”.
I can see files in the /etc/letsencrypt for the site.com and www.site.com/
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Accepted Answer
Hi all,
As this turned out to be a long discussion, I will summarize it so that it is easier for anyone else who comes across this to find the solution:
-
The problem affected the Ghose droplets created from the DigitalOcean Marketplace
-
The problem was an outdated
acme.shscript. The error that we were getting was:
Could not get nonce, let's try again.
- To fix the issue we had to update the script from the dev branch of the acme repo:
sudo /etc/letsencrypt/acme.sh --upgrade -b dev
- After that, we noticed that the updated script was stored at:
/root/.acme.sh/acme.sh
- To renew the SSL certificate we had to run:
/root/.acme.sh/acme.sh --force --renew --home /etc/letsencrypt --domain yourdomain.com --webroot /var/www/ghost/system/nginx-root --reloadcmd "nginx -s reload" --accountemail yourmail@yourdomain.com
- We also had to adjust the cronjob so that the certificate could be renewed automatically, so we had to change the path from
/etc/letsencrypt/acme.shto/root/.acme.sh/acme.sh, to do that just run:
crontab -e
Find the acme.sh cronjob and change the path accordingly.
Hope that this helps anyone who comes across the same issue! Regards, Bobby
yes that solved it! whoever you are, you are a hero, thanks for helping with this! Do you have any idea if the cert will now auto renew going forward?
no luck. i get this in response:
root@reframe-digital:~# sudo /etc/letsencrypt/acme.sh --upgrade -b dev
[Tue Nov 5 19:42:32 UTC 2019] Installing from online archive.
[Tue Nov 5 19:42:32 UTC 2019] Downloading https://github.com/Neilpang/acme.sh/archive/dev.tar.gz
[Tue Nov 5 19:42:33 UTC 2019] Extracting dev.tar.gz
[Tue Nov 5 19:42:33 UTC 2019] It is recommended to install socat first.
[Tue Nov 5 19:42:33 UTC 2019] We use socat for standalone server if you use standalone mode.
[Tue Nov 5 19:42:33 UTC 2019] If you don't use standalone mode, just ignore this warning.
[Tue Nov 5 19:42:33 UTC 2019] Installing to /root/.acme.sh
[Tue Nov 5 19:42:33 UTC 2019] Installed to /root/.acme.sh/acme.sh
[Tue Nov 5 19:42:33 UTC 2019] Good, bash is found, so change the shebang to use bash as preferred.
[Tue Nov 5 19:42:34 UTC 2019] OK
[Tue Nov 5 19:42:34 UTC 2019] Install success!
[Tue Nov 5 19:42:34 UTC 2019] Upgrade success!
but the “Could not get nonce, let’s try again.” remains
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.