
Internal Error trying to renew cert #396

@AnonJervis

I was trying to renew my cert running version 2.2.1 and the following error popped up:

[5/4/2020] [10:01:54 PM] [SSL      ] › ℹ  info      Renewing Let'sEncrypt certificates for Cert #1: mywebite.com,
[5/4/2020] [10:01:55 PM] [Express  ] › ⚠  warning   Command failed: /usr/bin/certbot renew --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-1" --preferred-challenges "dns,http" --disable-hook-validation ,
Saving debug log to /var/log/letsencrypt/letsencrypt.log,
No certificate found with name npm-1 (expected /etc/letsencrypt/renewal/npm-1.conf).

I tried restarting the container to renew again and the log shows:

),
[5/4/2020] [10:00:15 PM] [SSL      ] › ✖  error     Certificate is not valid (Command failed: openssl x509 -in /etc/letsencrypt/live/npm-1/fullchain.pem -subject -noout,
140647724621128:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:76:,
unable to load certificate,
140647724621128:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:69:fopen('/etc/letsencrypt/live/npm-1/fullchain.pem','r'),
Can't open /etc/letsencrypt/live/npm-1/fullchain.pem for reading, No such file or directory,
[5/4/2020] [10:00:15 PM] [SSL      ] › ℹ  info      Renew Complete,
[5/4/2020] [10:00:14 PM] [IP Ranges] › ℹ  info      IP Ranges Renewal Timer initialized,
[5/4/2020] [10:00:14 PM] [SSL      ] › ℹ  info      Let's Encrypt Renewal Timer initialized,
[5/4/2020] [10:00:15 PM] [Nginx    ] › ℹ  info      Reloading Nginx,
[5/4/2020] [10:00:14 PM] [Global   ] › ℹ  info      Backend PID 201 listening on port 3000 ...,
[5/4/2020] [10:00:14 PM] [SSL      ] › ℹ  info      Renewing SSL certs close to expiry...,
[5/4/2020] [10:00:14 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v6,
[5/4/2020] [10:00:13 PM] [IP Ranges] › ℹ  info      Fetching https://ip-ranges.amazonaws.com/ip-ranges.json,
[5/4/2020] [10:00:14 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v4,
[5/4/2020] [10:00:13 PM] [IP Ranges] › ℹ  info      Fetching IP Ranges from online services...,
[5/4/2020] [10:00:12 PM] [Migrate  ] › ℹ  info      Current database version: 20200410143839,
❯ Enabling IPV6 in hosts: /data/nginx,
  ❯ /etc/nginx/conf.d/production.conf,
  ❯ /etc/nginx/conf.d/default.conf,
  ❯ /etc/nginx/conf.d/include/resolvers.conf,
  ❯ /etc/nginx/conf.d/include/ip_ranges.conf,
  ❯ /etc/nginx/conf.d/include/proxy.conf,
  ❯ /etc/nginx/conf.d/include/block-exploits.conf,
  ❯ /etc/nginx/conf.d/include/assets.conf,
  ❯ /etc/nginx/conf.d/include/force-ssl.conf,
  ❯ /etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf,
  ❯ /etc/nginx/conf.d/include/ssl-ciphers.conf,
❯ Enabling IPV6 in hosts: /etc/nginx/conf.d,
[services.d] done.,
[services.d] starting services,
[cont-init.d] done.,
[cont-init.d] executing container initialization scripts...,
[fix-attrs.d] done.,
[fix-attrs.d] applying ownership & permissions fixes...,
[s6-init] ensuring user provided files have correct perms...exited 0.,[s6-init] making user provided files available at /var/run/s6/etc...exited 0.

I decided to update to latest and the problem persists, so I completely deleted my npm container and its data and started a whole new instance. However, I still cannot renew and now my SSL cert expired the moment I tried registering. This is not my only webserver trying to renew SSL and it's happening to my other ones as well. I've tried creating with sub.subdomain.duckdns.org and it registered fine. Here is my log after starting everything fresh:

[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
Generating dummy SSL certificate...,
Generating a RSA private key,
...............................+++++,
............+++++,
writing new private key to '/data/nginx/dummykey.pem',
-----,
Complete,
❯ Enabling IPV6 in hosts: /etc/nginx/conf.d,
  ❯ /etc/nginx/conf.d/include/ssl-ciphers.conf,
  ❯ /etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf,
  ❯ /etc/nginx/conf.d/include/force-ssl.conf,
  ❯ /etc/nginx/conf.d/include/assets.conf,
  ❯ /etc/nginx/conf.d/include/block-exploits.conf,
  ❯ /etc/nginx/conf.d/include/proxy.conf,
  ❯ /etc/nginx/conf.d/include/ip_ranges.conf,
  ❯ /etc/nginx/conf.d/include/resolvers.conf,
  ❯ /etc/nginx/conf.d/default.conf,
  ❯ /etc/nginx/conf.d/production.conf,
❯ Enabling IPV6 in hosts: /data/nginx,
[5/4/2020] [9:50:10 PM] [Global   ] › ✖  error     connect ECONNREFUSED xxx.xxx.xx.x3306,
[5/4/2020] [9:50:11 PM] [Global   ] › ✖  error     connect ECONNREFUSED xxx.xxx.xx.x3306,
[5/4/2020] [9:50:12 PM] [Global   ] › ✖  error     connect ECONNREFUSED xxx.xxx.xx.x3306,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      Current database version: none,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] auth Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] user Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] user_permission Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] proxy_host Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] redirection_host Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] dead_host Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] stream Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] access_list Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] certificate Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] access_list_auth Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [initial-schema] audit_log Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [websockets] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [websockets] proxy_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [forward_host] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [forward_host] proxy_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [http2_support] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [http2_support] proxy_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [http2_support] redirection_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [http2_support] dead_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [forward_scheme] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [forward_scheme] proxy_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [disabled] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [disabled] proxy_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [disabled] redirection_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [disabled] dead_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [disabled] stream Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [custom_locations] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [custom_locations] proxy_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [hsts] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [hsts] proxy_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [hsts] redirection_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [hsts] dead_host Table altered,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [settings] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [settings] setting Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [settings] Default settings added,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [access_list_client] Migrating Up...,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [access_list_client] access_list_client Table created,
[5/4/2020] [9:50:13 PM] [Migrate  ] › ℹ  info      [access_list_client] access_list Table altered,
[5/4/2020] [9:50:13 PM] [Setup    ] › ℹ  info      Creating a new JWT key pair...,
[5/4/2020] [9:50:22 PM] [Setup    ] › ℹ  info      Wrote JWT key pair to config file: /app/config/production.json,
[5/4/2020] [9:50:22 PM] [Setup    ] › ⚠  warning   Restarting interface to apply new configuration,
[5/4/2020] [9:50:24 PM] [Migrate  ] › ℹ  info      Current database version: 20200410143839,
[5/4/2020] [9:50:24 PM] [Setup    ] › ℹ  info      Creating a new user: admin@example.com with password: changeme,
[5/4/2020] [9:50:26 PM] [Setup    ] › ℹ  info      Initial setup completed,
[5/4/2020] [9:50:26 PM] [IP Ranges] › ℹ  info      Fetching IP Ranges from online services...,
[5/4/2020] [9:50:26 PM] [IP Ranges] › ℹ  info      Fetching https://ip-ranges.amazonaws.com/ip-ranges.json,
[5/4/2020] [9:50:26 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v4,
[5/4/2020] [9:50:26 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v6,
[5/4/2020] [9:50:26 PM] [SSL      ] › ℹ  info      Let's Encrypt Renewal Timer initialized,
[5/4/2020] [9:50:26 PM] [SSL      ] › ℹ  info      Renewing SSL certs close to expiry...,
[5/4/2020] [9:50:26 PM] [IP Ranges] › ℹ  info      IP Ranges Renewal Timer initialized,
[5/4/2020] [9:50:26 PM] [Global   ] › ℹ  info      Backend PID 269 listening on port 3000 ...,
[5/4/2020] [9:50:27 PM] [Nginx    ] › ℹ  info      Reloading Nginx,
[5/4/2020] [9:50:27 PM] [SSL      ] › ℹ  info      Renew Complete,
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0,
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0,
QueryBuilder#omit is deprecated. This method will be removed in version 3.0,
[5/4/2020] [9:51:42 PM] [Nginx    ] › ℹ  info      Reloading Nginx,
[5/4/2020] [9:51:42 PM] [SSL      ] › ℹ  info      Requesting Let'sEncrypt certificates for Cert #1: mywebite.com,
[5/4/2020] [9:51:46 PM] [Nginx    ] › ℹ  info      Reloading Nginx,
[5/4/2020] [9:51:46 PM] [Express  ] › ⚠  warning   Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-1" --agree-tos --email "email.com" --preferred-challenges "dns,http" --webroot --domains "mywebite.com" ,
Saving debug log to /var/log/letsencrypt/letsencrypt.log,
Plugins selected: Authenticator webroot, Installer None,
Obtaining a new certificate,
Performing the following challenges:,
http-01 challenge for mywebite.com,
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.,
Waiting for verification...,
Challenge failed for domain mywebite.com,
http-01 challenge for mywebite.com,
Cleaning up challenges,
Some challenges have failed.,
,

Could this be a possible bug in the latest update? Could it be that my domain has already been registered with Let's Encrypt before, so I cannot re-register a new one when I start a new container?
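The logs in this report contain three different failure signatures, and separating them is the first triage step. The following is an added example, not part of the original report or of the project's code: a small log classifier whose function name `triage` and category labels are assumptions chosen for illustration.

```python
import re

# Failure signatures as they appear in the certbot/openssl output quoted above.
SIGNATURES = [
    ("missing_renewal_config",
     re.compile(r"No certificate found with name (?P<cert>\S+) "
                r"\(expected (?P<path>[^)]+)\)")),
    ("missing_certificate_file",
     re.compile(r"Can't open (?P<path>\S+) for reading, No such file or directory")),
    ("challenge_failed",
     re.compile(r"Challenge failed for domain (?P<domain>\S+)")),
]
# Matches lines such as "http-01 challenge for example.org"
CHALLENGE = re.compile(r"^(?P<type>[a-z-]+-\d+) challenge for (?P<domain>\S+)")


def triage(log_text):
    """Return one finding per distinct failure, in order of first appearance."""
    lines = [l.strip().rstrip(",") for l in log_text.splitlines()]
    # First pass: remember which challenge type was attempted for each domain.
    attempted = {}
    for line in lines:
        m = CHALLENGE.match(line)
        if m:
            attempted[m["domain"]] = m["type"]
    # Second pass: collect failures, skipping repeats of the same error.
    findings, seen = [], set()
    for line in lines:
        for kind, rx in SIGNATURES:
            m = rx.search(line)
            if not m:
                continue
            finding = {"kind": kind, **m.groupdict()}
            if kind == "challenge_failed":
                finding["challenge"] = attempted.get(finding["domain"], "unknown")
            key = tuple(sorted(finding.items()))
            if key not in seen:
                seen.add(key)
                findings.append(finding)
    return findings


# Sample input: lines copied from the logs in the report above.
SAMPLE = """\
No certificate found with name npm-1 (expected /etc/letsencrypt/renewal/npm-1.conf).
Can't open /etc/letsencrypt/live/npm-1/fullchain.pem for reading, No such file or directory,
http-01 challenge for mywebite.com,
Challenge failed for domain mywebite.com,
http-01 challenge for mywebite.com,
"""
```

The first two categories point at certificate state missing on local disk, while `challenge_failed` means the CA could not validate the domain over the listed challenge type, so they call for different checks.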
